Quiz Entry - updated: 2026.07.05
What is the goal of the Schutzbedarfsfeststellung (protection needs assessment), and in what order is it performed?
It determines how much protection each object of the information domain needs — assessed first for applications/data, then derived for systems, communication links, and rooms.
Goal: a justified, comprehensible answer to three questions:
- How much protection do the identified objects need?
- How do we arrive at a well-founded assessment?
- Which objects have elevated protection needs?
Procedure:
- Define the protection-need categories for your organization (individualization — what does "high damage" mean for us?)
- Assess protection needs:
- of IT applications and data first,
- derived from that: IT systems,
- derived further: communication links and IT rooms
- Document and interpret the results (understandable for management!)
Tip: The order mirrors the inheritance chain — you can't assess a server before knowing what runs on it, nor a room before knowing what's racked in it.
Go deeper:
Lektion 4: Schutzbedarfsfeststellung (BSI Online-Kurs) — Ziel und Reihenfolge der Schutzbedarfsfeststellung (Anwendungen → Systeme → Räume → Verbindungen).