Contact | How to find us | Sitemap | Imprint Deutsch English

ISO 27001 – Certification based on IT-Grundschutz

An ISO 27001 certificate based on IT-Grundschutz enables companies and authorities to demonstrate their IT-Security efforts internationally and can be considered as a quality feature customers and business partners can rely on. It may also lead to a competitive advantage.

During certification according to IS0 27001 based on IT-Grundschutz both the IT-Security management system implemented by the institution and the concrete IT-Security measures are audited.
Furthermore the certificate indicates that within the institution

  • IT Security is an accepted value,
  • IT Security management is in place and moreover
  • IT Security has reached a well defined level at a specific date.

In addition to certification according only to ISO/IEC 27001 technical aspects of IT-Grundschutz are also checked. Therefore the certificate is more significant than a pure ISO 27001 certification.

An ISO 27001 Certificate based on IT-Grundschutz is issued by the certification authority BSI (Bundesamt für Sicherheit in der Informationstechnik). Whether the object of investigation meets the requirements is established by an independent auditor who has to be licensed by BSI for auditing according to IS0 27001 based on IT-Grundschutz.

A particular precondition for awarding the certificate is that all relevant standard security measures are implemented.

Additional information as well as the current catalog of IT-Grundschutz is available on