Federal Office for Information Security (BSI)

Self-declaration and IT-Grundschutz Certificate

There are three different versions of IT-Grundschutz qualification, which differ with regard to the degree of assurance and the IT security safeguards that have to be implemented:

0rganisation of cerfication

A self-declaration can be submitted by an agency/company when it has been determined for a particular target of evaluation that the essential (entry-level) or most important (higher level) safeguards in the IT-Grundschutz Catalogues have been implemented. The purpose of self-declarations is to facilitate progress towards achieving certification and they should be viewed as milestones on the way to an IT-Grundschutz Certificate.

By contrast, an IT-Grundschutz Certificate is issued by a certification authority. Checking as to whether the target of evaluation satisfies the requirements of the IT-Grundschutz Certificate is carried out by an independent auditor who has been licensed by the BSI. In particular, it is a precondition to the issue of an IT-Grundschutz Certificate that all the standard security safeguards that are relevant to the target of evaluation have been implemented in all essential respects.

Hinweis zur Verwendung von Cookies

Um unsere Webseite für Sie optimal zu gestalten und fortlaufend verbessern zu können, verwenden wir Cookies. Durch die weitere Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu. Weitere Informationen hierzu erhalten Sie in unserer Datenschutzerklärung.