Additional Security Analysis

According to the standards laid down in the IT-base-security, an additional security analysis is necessary if certain target objects of the respective information network have an increased protection need, but which cannot be modelled in a suitable way or applied in untypical circumstances. Which measures are to be taken is defined in the BSI-Standard 100-2 “IT-Grundschutz Vorgehensweise” (english: IT-base protection approach). With the help of supplementing security analysis, it is determined whether a risk analysis is required.