LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is BSI Standard 200-2 and what does it cover?

BSI 200-2 (IT-Grundschutz Methodology) provides practical guidance for building and operating an ISMS, including creating a security concept and selecting appropriate security measures.

BSI 200-2 concretizes BSI 200-1 by describing:

  1. IT security management tasks — Roles and responsibilities
  2. Building organizational structures for information security
  3. Creating a security concept — Step-by-step approach
  4. Selecting appropriate security measures — Based on the IT-Grundschutz-Kompendium
  5. Maintaining and improving information security over time

The six-phase security process (defined in BSI 200-1, which 200-2 operationalizes step by step):

  1. Initiation of the security process
  2. Creation of the information security guideline
  3. Organization of the security process
  4. Creation of a security concept
  5. Implementation of the security concept
  6. Maintenance and improvement

Tip: BSI 200-2 is the most hands-on standard in the BSI family — it's where you find the actual methodology for day-to-day ISMS work.

From Quiz: ISM / Standards & Frameworks I (ISO, BSI) | Updated: Jul 05, 2026