LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is the practical value of the IT-Grundschutz-Kompendium?

It removes the cost of building a security concept from scratch — picking the relevant Bausteine and implementing their Massnahmen is enough for the vast majority of standard scenarios.

From-scratch ISMS taking 18-24 months replaced by the Kompendium, moving at operations speed and free

* The Kompendium replaces an 18-24-month from-scratch design — implementation runs at the speed of operations, and it is free. *

The BSI puts it concisely:

"Aufwand für die Entwicklung eines Sicherheitskonzepts reduzieren. In der Regel genügt es, die auf den Einsatzzweck zutreffenden Bausteine auszuwählen und die darin enthaltenen Massnahmen einzuplanen und konsequent umzusetzen."

Why this is hard to overstate:

  • A from-scratch ISMS programme can take 18–24 months to design and implement.
  • A Grundschutz-based programme reuses ~30 years of accumulated security knowledge — implementation moves at the speed of operations, not design.
  • It's free (no per-seat license, no certification fee for downloading the Kompendium).

Tip: If you're doing ISO 27001 certification and want a head start, read the BSI Kompendium first — it tells you what controls a defensible ISMS actually looks like, and 27001 Annex A starts to make a lot more sense afterwards.

Go deeper:

From Quiz: ISF / ISMS & Security Standards (ISO 27k, NIST, BSI) | Updated: Jul 05, 2026