The IT Baseline Protection Manual contains standard security safeguards, implementation advice and aids for numerous IT configurations which are typically found in IT systems today. This information is intended to assist with the rapid solution of common security problems, support endeavours aimed at raising the security level of IT systems and simplify the creation of IT security policies. The standard security safeguards collected together in the IT Baseline Protection Manual are aimed at a protection requirement which applies to most IT systems.

For the majority of IT systems, this considerably facilitates the task of drawing up a security policy, hitherto a labour-intensive process, by eliminating the need for extensive, and often complex, analyses of threats and probabilities of occurrence. If the manual is used, all that is required to identify security shortcomings and specify appropriate security measures is to compare the target safeguards presented here with the actual safeguards in operation.

The IT Baseline Protection Manual has been created so that it can be continuously updated and extended. It is revised every six months to incorporate suggestions for improvements, additional material and reflect the latest IT developments. I would like to thank those users of the IT Baseline Protection Manual who have contributed to this version.

Dr. Dirk Henze

© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Letzte Aktualisierung: Oktober 2000