Practical BSI IT-Grundschutz preparation for SMEs that need to demonstrate a recognized German security baseline — for public-sector contracts, larger customer due diligence, or general defensibility. We do the scoping, mapping and documentation work, not the formal certification itself.
Practical BSI IT-Grundschutz preparation for SMEs that need to demonstrate a recognized German security baseline — scoping, mapping and documentation work.
명확한 마일스톤을 갖춘 투명한 협업 모델.
Decide which Grundschutz profile (Basis or Standard), which information domain is in scope, which building blocks apply.
Map current technical, organisational and procedural controls against Grundschutz building blocks. Written gap report with prioritised remediation.
Implement missing controls over 6–12 months; produce the documentation needed for self-assessment or external audit.
과장 없는 현실적이고 정직한 기대치.
A defensible posture against a German national standard.
Evidence pack structured for review.
Basis profile for SMEs; Standard for higher maturity.
The work produces operational hygiene, not paperwork.
전문 페이지는 생태계를 강화하고 적합한 서비스로 안내합니다.
Graham Miranda 서비스 영역을 비교하는 방문자를 위한 간결한 답변.
No — formal certification requires an accredited auditor. We do the preparation work; we coordinate with auditors when certification is the goal.
For most SMEs that need to demonstrate a serious baseline for public-sector tenders or larger-customer due diligence, Basis is typically appropriate. Standard for higher requirements.
Grundschutz building blocks largely map to ISO 27001 controls. Some SMEs prepare both. We coordinate scope to avoid duplication.
We work to the current edition. Updates to building blocks tracked as part of the engagement.
Basis: typically 6–9 months for SMEs starting from a baseline. Standard: 9–18 months.
Yes — annual review and maintenance is a common follow-on engagement.
Practical BSI IT-Grundschutz preparation for SMEs that need to demonstrate a recognized German security baseline — scoping, mapping and documentation work.
