Now that the BSI has also changed the machine-readable format of the basic protection compendium, it was time for a new functional update of our i-doit add-on VIVA2 for setting up an information security management system (ISMS) according to the new IT basic protection methodology of the BSI. With the version released today, the new basic protection compendium 2022 can be imported. Minor improvements have also been implemented and some bugs have been fixed.
These are the new features in the Basic Protection Compendium 2022:
The following new modules have been added:
- 1.1.7 System management,
- 1.2.6 NTP time synchronisation,
- 4.4 Kubernetes,
- 1.6 Containerisation,
- 3.2 Remote maintenance in an industrial environment,
- 13 Technical facility management
- and INF.14 Building Automation.
The BSI has revised the previous modules editorially and for the most part in terms of content. (See also BSI newsflash)
These are the new features of the add-on in detail:
Import of the IT-Grundschutz Compendium Edition 2022 possible
In order to import the Basic Protection Compendium Edition 2022, which was published on 8 February 2022, the import function had to be revised again. Even if the Basic Protection Compendium 2021 is still valid, we recommend updating to the new version of the compendium after updating the add-on.
ATTENTION!
The new basic protection compendium cannot be recognised by older VIVA2 versions (prior to version 3.2). If you go through the import wizard without new requirements, modules and hazards appearing in the wizard, these object types will then be empty!
For the import, you can use the wizard as usual, which you can find under Extras->IT-Grundschutz->Compendium. This shows you which modules, hazards and requirements are new or have been changed.
Your individual modules are also retained during this update process.
The exact procedure for updating the compendium can be found in the add-on documentation: https://viva2.readthedocs.io/de/latest/update.html
Improved overview in the IT-Grundschutz check
For an improved overview in the ‘IT-Grundschutz Check’ category, the modules can now be expanded and collapsed. The 3 requirement types ‘Basic requirements’, ‘Standard requirements’ and ‘Requirements for increased protection needs’ can now also be expanded and collapsed. The last status is saved in the user settings for each module.
Inline editing for the determination of protection requirements
To prevent multiple or incorrect entries in the ‘Protection requirements’ category, the editing function for this category has been revised and now enables inline editing, even for several protection requirements at the same time:
The rights to this category are now also taken into account in the ‘Determination of protection requirements’ function (see https://viva2.readthedocs.io/de/latest/schutzbedarfsfeststellung.html).
Bug fixes
As always, the open bugs have also been fixed. A list of all changes and bug fixes can be found in the changelog.
Couldn’t attend the i-doit Compliance Roundtable LIVE? No problem. We recorded the event for you.
Get recording now
premium partner
becon is an i-doit Premium Partner, Certified Support Partner and Development Partner of synetics GmbH and thus offers an all-round carefree package.
With i-doit to an efficient ISMS – IT security with i-doit, functions of the ISMS and VIVA2 add-ons
Fact Sheet
More than just IT documentation
i-doit is more than just the best open source based platform for IT documentation. With an intelligent relationship model, the ability to model IT services, manage configurations to devices and applications, and visualize dependencies and statistics, i-doit becomes a business-ready CMDB. In this fact sheet we describe the benefits of i-doit and the service packages, add-ons and service packages becon offers you.
Fact Sheet
More than just IT documentation
i-doit is more than just the best open source based platform for IT documentation. With an intelligent relationship model, the ability to model IT services, manage configurations to devices and applications, and visualize dependencies and statistics, i-doit becomes a business-ready CMDB. In this fact sheet we describe the benefits of i-doit and the service packages, add-ons and service packages becon offers you.
The central IT documentation
i-doit is a powerful web-based application,
that allows you to create and manage a 360° documentation of your entire IT infrastructure.
Test now 30 days free of charge!
blog
Related blog articles
Secure network infrastructure: basics and best practices
A secure network infrastructure protects against cyber attacks, secures data and meets legal requirements. Our blog shows how tools such as Wazuh and proven measures help to effectively protect networks and keep them stable.
DataGerry: The smart solution for flexible and schemaless IT documentation
DataGerry is the flexible open source solution for modern IT documentation – schemaless, automatable and user-friendly. Whether cloud or on-premise: companies of all sizes benefit from a future-proof, customizable CMDB.
The changing defense industry: challenges and opportunities in times of geopolitical tensions
The defense industry is facing a turning point. The digitalization, automation and networking of weapon systems present both opportunities and challenges. At the same time, the demands on IT security and the resilience of critical infrastructures are increasing.
Contact
Instant contact
Do you have any questions, suggestions, requests or are you facing a particular challenge? We look forward to hearing from you!
+49 (0) 89 608668-0