Quiz Entry - updated: 2026.06.04
What happens in the Modellierung (modeling) step of the IT-Grundschutz analysis?
The recorded information domain is rebuilt using the Grundschutz building blocks: layer by layer, applicable blocks are selected and assigned to their target objects.
Modellierung turns the inventory (from structure analysis) into an IT-Grundschutz model:
- Work through the layer model of the Kompendium (~85 blocks total)
- Select per layer those blocks necessary for the security of the information domain (e.g. INF.1 for the building, SYS.1.1 for the server group, OPS.x for operations processes)
- Assign each selected block to its target object (system group, room, application, the whole organization)
- Blocks may be modified where needed — e.g. supplemented with additional measures or made technically more concrete
The resulting model is the test plan: it defines exactly which requirements apply to which object — the input for the Basis-Sicherheitscheck.
Tip: Modeling = "instantiating" the generic Kompendium classes onto your concrete objects — like applying templates to assets.