BSI standard (IT-Grundschutz)
The ISMS software QSEC® is named by the BSI BSI standard (IT-Grundschutz) as an alternative to GSTOOL and supports an optimal implementation of the BSI standard 200-1 to 200-3 and 100-4 in public administration of any size via licensed basic BSI standard (IT-Grundschutz) content.
The GSTool successor extension of QSEC works according to BSI standard (IT-Grundschutz) and at the same time enables information security management according to the requirements of ISO 27001.
The multifunctional platform QSEC for
- Data Protection,
- Information Security,
- Risk Management and
- Business Continuity Management / Business Impact Analysis
- and many other standards
enables theintegrated use of recorded company data, such as business processes, assets and information in ONE management system.
QSEC supports the requirements and processes of the BSI standard (IT-Grundschutz) and all other standards / norms. The user is guided via intuitive workflows, wizards and task support with
- Questionnaires,
- Proposed measures,
- „Best Practices“,
- Model documents,
- Risk catalogues,
- Sample business processes, and assets according to industries.
The modules, risks and measures are updated in QSEC according to the BSI updates.
In QSEC® it is possible to work simultaneously according to security standards ISO/IEC 27001 and BSI standard (IT-Grundschutz). Users have the possibility to decide on a procedure or to operate it in a parallel way.
| BSI standard (IT-Grundschutz) | ISO/IEC 27001 |
| Definition of organization and scopes | Definition of organization and scopes |
| Capture of IT with structural analysis | Capture of the IT (grouping) with structural analysis |
| Recording of business processes and information | Recording of business processes and information |
| Storage of the module catalogues | Maturity assessment with output of the SoA |
| Risk analysis on the basis of the risk catalogues and the implemented measures | Risk analysis on the basis of threats and vulnerabilities |
| Risk level classification with gross and net risks | Risk level classification with gross and net risks |
| Catalogues of measures completely integrated | Catalogues of measures completely integrated |
| Document Management / Security Incidents … | Document Management / Security Incidents … |
The BSI standard (IT-Grundschutz) extension is available for all QSEC product variants and enables the implementation of BSI standard (IT-Grundschutz) in a sustainable and user-friendly manner.