Now that the BSI has also changed the machine-readable format of the basic protection compendium, it was time for a new functional update of our i-doit add-on VIVA2 for setting up an information security management system (ISMS) according to the new IT basic protection methodology of the BSI. With the version released today, the new basic protection compendium 2022 can be imported. Minor improvements have also been implemented and some bugs have been fixed.
These are the new features in the Basic Protection Compendium 2022:
The following new modules have been added:
- 1.1.7 System management,
- 1.2.6 NTP time synchronisation,
- 4.4 Kubernetes,
- 1.6 Containerisation,
- 3.2 Remote maintenance in an industrial environment,
- 13 Technical facility management
- and INF.14 Building Automation.
The BSI has revised the previous modules editorially and for the most part in terms of content. (See also BSI newsflash)
These are the new features of the add-on in detail:
Import of the IT-Grundschutz Compendium Edition 2022 possible
In order to import the Basic Protection Compendium Edition 2022, which was published on 8 February 2022, the import function had to be revised again. Even if the Basic Protection Compendium 2021 is still valid, we recommend updating to the new version of the compendium after updating the add-on.
ATTENTION!
The new basic protection compendium cannot be recognised by older VIVA2 versions (prior to version 3.2). If you go through the import wizard without new requirements, modules and hazards appearing in the wizard, these object types will then be empty!
For the import, you can use the wizard as usual, which you can find under Extras->IT-Grundschutz->Compendium. This shows you which modules, hazards and requirements are new or have been changed.
Your individual modules are also retained during this update process.
The exact procedure for updating the compendium can be found in the add-on documentation: https://viva2.readthedocs.io/de/latest/update.html
Improved overview in the IT-Grundschutz check
For an improved overview in the ‘IT-Grundschutz Check’ category, the modules can now be expanded and collapsed. The 3 requirement types ‘Basic requirements’, ‘Standard requirements’ and ‘Requirements for increased protection needs’ can now also be expanded and collapsed. The last status is saved in the user settings for each module.
Inline editing for the determination of protection requirements
To prevent multiple or incorrect entries in the ‘Protection requirements’ category, the editing function for this category has been revised and now enables inline editing, even for several protection requirements at the same time:
The rights to this category are now also taken into account in the ‘Determination of protection requirements’ function (see https://viva2.readthedocs.io/de/latest/schutzbedarfsfeststellung.html).
Bug fixes
As always, the open bugs have also been fixed. A list of all changes and bug fixes can be found in the changelog.
Couldn’t attend the i-doit Compliance Roundtable LIVE? No problem. We recorded the event for you.
Get recording now
premium partner
becon is an i-doit Premium Partner, Certified Support Partner and Development Partner of synetics GmbH and thus offers an all-round carefree package.
With i-doit to an efficient ISMS – IT security with i-doit, functions of the ISMS and VIVA2 add-ons
Fact Sheet
More than just IT documentation
i-doit is more than just the best open source based platform for IT documentation. With an intelligent relationship model, the ability to model IT services, manage configurations to devices and applications, and visualize dependencies and statistics, i-doit becomes a business-ready CMDB. In this fact sheet we describe the benefits of i-doit and the service packages, add-ons and service packages becon offers you.
Fact Sheet
More than just IT documentation
i-doit is more than just the best open source based platform for IT documentation. With an intelligent relationship model, the ability to model IT services, manage configurations to devices and applications, and visualize dependencies and statistics, i-doit becomes a business-ready CMDB. In this fact sheet we describe the benefits of i-doit and the service packages, add-ons and service packages becon offers you.
The central IT documentation
i-doit is a powerful web-based application,
that allows you to create and manage a 360° documentation of your entire IT infrastructure.
Test now 30 days free of charge!
blog
Related blog articles
becon at it-sa 2025: NIS2, ISMS, CMDB, and attack detection
The it-sa Expo&Congress in Nuremberg is Europe’s largest trade fair for IT security. Meet our team on site in Hall 7, Booth 7-550, or at our presentation “Implementing NIS 2 with DataGerry – CMDB, ISMS, and attack detection in a one-stop solution.”
DataGerry | Release 3.0.0
The DataGerry 3.0.0 major release brings new features such as a fully integrated ISMS module, the interactive CI Explorer, support for many-to-many relationships and a completely redesigned reporting system. Manage risks, visualize dependencies and analyze your data even more efficiently.
Modern cyber security: Why SIEM is indispensable for companies
Cyberattacks are becoming increasingly sophisticated, and companies are faced with the challenge of effectively protecting their IT infrastructures. It is no longer enough to rely solely on conventional security measures such as firewalls or antivirus software. Security Information and Event Management (SIEM) plays a central role.
Contact
Instant contact
Do you have any questions, suggestions, requests or are you facing a particular challenge? We look forward to hearing from you!
+49 (0) 89 608668-0