LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

What is the typical structure of an IT-Grundschutz Baustein (building block)?

Each block is a ~10-page document: description and threat landscape first, then requirements graded Basis / Standard / high protection need, plus a cross-reference table.

A Baustein and its four parts — Beschreibung, Gefährdungslage, Anforderungen, Kreuzreferenztabelle.

* The fixed Baustein structure — Beschreibung, Gefährdungslage, Anforderungen, Kreuzreferenztabelle. *

A Baustein (e.g. SYS.1.1 "general server") follows a fixed document structure:

  1. Beschreibung (description) — introduction, objective, scope/delimitation, responsible roles
  2. Spezifische Gefährdungslage — the specific threats relevant to this object
  3. Anforderungen (requirements)not measures:
    • Basis requirements (must be fulfilled first)
    • Standard requirements
    • Requirements for elevated protection need
  4. References to further information
  5. Annex: Kreuzreferenztabelle — the cross-reference table mapping requirements to elementary threats

Compact size (~10 pages) is intentional — the old catalogs' blocks plus measures had grown to thousands of pages; the Kompendium is usable in practice.

Go deeper:

From Quiz: ISM / IT-Grundschutz (BSI) | Updated: Jul 05, 2026