BSI Grundschutz vs ISO 27001 — Which AI Agents Cover What
Two frameworks. One organisation. Four months of audit preparation — or eight seconds per control check.
If you run security for a German enterprise, you already know this tension: BSI IT-Grundschutz is the standard your regulators expect, especially if you’re KRITIS. ISO 27001 is what your international customers, insurers, and procurement teams demand. Running both manually means either two separate GRC programmes eating your team alive, or a dangerous patchwork of “it’s basically the same” that fails the first serious audit.
This isn’t a theory article. This is a direct mapping — framework to framework, control to agent — so you can make a specific decision about what to automate first and where the gaps are.
The Regulatory Landscape in Germany: What’s Actually Mandatory
Before the mapping: let’s be precise about what “mandatory” means here.
BSI IT-Grundschutz is mandatory, or the expected baseline, for:
- KRITIS operators under BSI-Gesetz §8a and BSI-KritisV (the law demands state-of-the-art measures; IT-Grundschutz and the sector-specific B3S standards are the recognised way to demonstrate them)
- Federal authorities (Bundesbehörden) under BSI-Gesetz §8 (BSI Mindeststandards) and the Umsetzungsplan Bund (UP Bund)
- Defence sector and classified systems (VSA/VS-NfD environments)
- Many Länder-level public sector entities by state law
ISO 27001 is mandatory for:
- Organisations seeking recognised information security certification
- Many financial sector entities (increasingly expected under DORA)
- Enterprise supply chains (automotive TISAX builds on ISO 27001 foundations)
- Cloud providers serving regulated customers
Both are effectively required when:
- You’re KRITIS and you want insurance coverage
- You’re a German Mittelstand with international customers
- You’re NIS2-essential and want certification to demonstrate compliance
The German-specific certification path is “ISO 27001 auf Basis IT-Grundschutz” — a BSI-managed certification that grants ISO 27001 certification while simultaneously proving Grundschutz conformance. This dual-path is theoretically efficient. In practice, it adds BSI-specific documentation requirements on top of ISO’s already substantial burden.
Bottom line: if you’re in Germany and above ~250 employees in a relevant sector, you’re likely managing both. This article is written for that reality.
Framework Architecture: How They’re Built
BSI IT-Grundschutz (BSI 200-1/200-2/200-3/200-4)
- Structure: process-oriented, prescriptive building blocks (Bausteine)
- Total Bausteine (Edition 2023 Kompendium): 111 across 10 layers, five process layers (ISMS, ORP, CON, OPS, DER) and five system layers (APP, SYS, IND, NET, INF)
- Approach: three Vorgehensweisen (ways of proceeding, not protection levels): Basis-Absicherung, Standard-Absicherung, Kern-Absicherung
- Risk methodology: BSI 200-3 (simplified risk analysis) for every requirement that is not fully met
- Certification body: the BSI issues the certificate; audits are performed by BSI-certified auditors only
- Certification cycle: 3 years, with annual surveillance audits (Überwachungsaudits)
- Language: the standards and the Kompendium are published in German; auditors expect German-language ISMS documentation
- Key differentiator: prescriptive requirements (Anforderungen) per Baustein; less room for risk-based interpretation than ISO
ISO 27001:2022
- Structure: risk-based ISMS (clauses 4-10) with Annex A reference controls
- Total controls (Annex A): 93 across 4 themes (Organisational 37, People 8, Physical 14, Technological 34)
- Approach: define scope → risk assessment → Statement of Applicability (SoA) → implement → certify
- Risk methodology: any recognised method (ISO 31000, NIST, internal)
- Certification body: any accredited certification body (in Germany, accredited by DAkkS; DAkkS itself does not certify)
- Certification cycle: 3 years, with annual surveillance audits
- Language: published in English (and French); a German translation exists as DIN EN ISO/IEC 27001
- Key differentiator: risk-based flexibility; the SoA allows justified exclusions
The Control Mapping: 111 Bausteine vs 93 ISO Controls
BSI Grundschutz organises its Bausteine into layers. ISO 27001:2022 organises Annex A into 4 themes. They overlap significantly — BSI was deliberately aligned with ISO 27001 in its 2017 modernisation — but they are not identical.
The critical alignment: the BSI certification scheme "ISO 27001 auf Basis IT-Grundschutz" is the formal link between the two, and the BSI publishes a mapping table (Zuordnungstabelle) from Bausteine and their Anforderungen to ISO 27001 clauses and Annex A controls. By our count, roughly 85% of ISO controls have direct Grundschutz equivalents. The remaining ~15% (particularly controls new in 2022 such as threat intelligence, cloud services and data masking) need separate evidence in a combined programme.
Here’s the layer-by-layer mapping — and which of the 14 Security Factory agents handles each layer:
Layer 1: ISMS (Management System)
| BSI Baustein | ISO 27001 Equivalent | Primary Agent |
|---|---|---|
| ISMS.1 — Sicherheitsmanagement | Clauses 4-10 (ISMS core) + A.5.1, A.5.2, A.5.35 | GRC Agent |
What this means operationally: risk registers, risk treatment plans, management review documentation, ISMS scope, internal audit scheduling. The GRC Agent maintains the risk register, generates board briefings (tested at 15 seconds for 7 data categories), and produces ISMS status dashboards. Manual equivalent: one senior GRC manager, full-time, €130K base, roughly €195K/yr loaded (the same figure used in the cost comparison below).
Layer 2: ORP (Organisation and Personnel)
| BSI Baustein | ISO 27001 Equivalent | Primary Agent |
|---|---|---|
| ORP.1 — Organisation | A.5.2, A.5.3, A.5.4, A.5.36 | Compliance Agent |
| ORP.2 — Personal | A.6.1, A.6.2, A.6.3, A.6.4, A.6.5 | Security Awareness Agent |
| ORP.3 — Sensibilisierung und Schulung | A.6.3 | Security Awareness Agent |
| ORP.4 — IAM | A.5.15, A.5.16, A.5.17, A.5.18, A.8.2 | IAM Governance Agent |
| ORP.5 — Compliance Management | A.5.31, A.5.36, A.5.37 | Compliance Agent |
ORP layer reality check: This is where most German organisations have the biggest gaps. ORP.3 (Sensibilisierung) requires documented, measurable awareness programmes — not just a once-a-year email. The Security Awareness Agent tracks campaign completion rates, phishing simulation click rates, and department-level culture scores. It generates the evidence BSI auditors want: dated completion records, trend analysis, remediation for departments below threshold.
Layer 3: CON (Concepts and Procedures)
| BSI Baustein | ISO 27001 Equivalent | Primary Agent |
|---|---|---|
| CON.1 — Kryptokonzept | A.8.24 (Cryptography) | Security Architecture Agent |
| CON.2 — Datenschutz | A.5.34 (Privacy), GDPR | Privacy Agent |
| CON.3 — Datensicherungskonzept | A.8.13 (Backup) | Security Architecture Agent |
| CON.8 — Software-Entwicklung | A.8.25-A.8.31 (Secure development) | AppSec Agent |
| CON.9 — Informationsaustausch | A.5.14 (Information transfer) | Policy Agent |
CON layer highlight: CON.2 (Datenschutz) is where Grundschutz and GDPR explicitly intersect. The Privacy Agent manages Article 30 Records of Processing, DPIAs, and breach response timelines — all of which are also audited under BSI certification for KRITIS operators who fall under BDSG/GDPR simultaneously.
Layer 4: OPS (Operations)
| BSI Baustein | ISO 27001 Equivalent | Primary Agent |
|---|---|---|
| OPS.1.1.3 — Patch- und Änderungsmanagement | A.8.8 (Vulnerability management), A.8.32 (Change management) | Vulnerability Management Agent |
| OPS.1.1.4 — Schutz vor Schadprogrammen | A.8.7 (Malware protection) | SOC/MDR Agent |
| OPS.1.1.5 — Protokollierung | A.8.15 (Logging), A.8.16 (Monitoring) | SOC/MDR Agent |
| OPS.2.1/2.3 — Outsourcing | A.5.19-A.5.22 (Supplier security) | Vendor Risk Agent |
| OPS.2.2 — Cloud-Nutzung | A.5.23 (Cloud services) | Vendor Risk Agent + Security Architecture Agent |
OPS layer insight: incident handling is not an OPS Baustein at all; it lives in DER.2.1 (Behandlung von Sicherheitsvorfällen, Layer 5), and it is one of the highest-audit-risk Bausteine. BSI auditors want to see documented incident timelines, notification records, and post-incident reviews. The Incident Response Agent tracks all 12 stages of each incident, maintains chain-of-custody evidence, and auto-generates the NIS2 Article 23 notification timeline (early warning within 24h, incident notification within 72h, final report one month after the notification). The same evidence package satisfies both the BSI and the ISO 27001 (A.5.24-A.5.28) requirements.
Layer 5: DER (Detection and Response)
| BSI Baustein | ISO 27001 Equivalent | Primary Agent |
|---|---|---|
| DER.1 — Detektion | A.8.15, A.8.16 (Logging & Monitoring) | SOC/MDR Agent |
| DER.2.1 — Sicherheitsvorfallbehandlung | A.5.24-A.5.27 | Incident Response Agent |
| DER.2.2 — IT-Forensik | A.5.28 (Evidence collection) | Incident Response Agent |
| DER.3.1 — Audits und Revisionen | A.5.35 (Independent review) | Compliance Agent |
| DER.4 — Notfallmanagement | A.5.29, A.5.30 (BCM/ICT resilience) | GRC Agent + Compliance Agent |
DER.1 is where most organisations fail their first BSI audit. Logging is implemented; log monitoring is not. Detecting events ≠ acting on them within the required timeframe. The SOC/MDR Agent covers alert triage, MTTD/MTTR tracking, and detection rule performance — the evidence trail that shows BSI auditors your monitoring is operational, not just configured.
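The two evidence artefacts named above, MTTD/MTTR figures for DER.1 and the NIS2 Article 23 notification timeline for DER.2.1, can be computed from the incident records an IR tool already holds. The following is an added example, not Security Factory code and not a BSI or ENISA artefact: it takes constructed incident records (the timestamps are invented for the example), computes mean time to detect and mean time to resolve, and checks each incident's three Article 23 milestones against their deadlines. The "one month" for the final report is modelled as 30 days, which is an assumption; the Directive says one month.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from statistics import mean
from typing import Optional

# NIS2 Article 23(4): early warning within 24 h and incident notification within
# 72 h of becoming aware of a significant incident; final report not later than
# one month after the incident notification. "One month" = 30 days here (assumption).
EARLY_WARNING = timedelta(hours=24)
INCIDENT_NOTIFICATION = timedelta(hours=72)
FINAL_REPORT = timedelta(days=30)


@dataclass
class Incident:
    """One incident record as an IR tool would export it. All timestamps are UTC."""
    incident_id: str
    occurred_at: datetime                 # first attacker activity, per forensics
    detected_at: datetime                 # first alert raised by monitoring
    aware_at: datetime                    # triage classified it as significant (NIS2 clock starts)
    resolved_at: Optional[datetime] = None
    early_warning_sent: Optional[datetime] = None
    notification_sent: Optional[datetime] = None
    final_report_sent: Optional[datetime] = None


def time_to_detect(inc: Incident) -> timedelta:
    return inc.detected_at - inc.occurred_at


def time_to_resolve(inc: Incident) -> Optional[timedelta]:
    return None if inc.resolved_at is None else inc.resolved_at - inc.detected_at


def mttd(incidents: list[Incident]) -> timedelta:
    """Mean time to detect across all incidents (occurred -> detected)."""
    return timedelta(seconds=mean(time_to_detect(i).total_seconds() for i in incidents))


def mttr(incidents: list[Incident]) -> Optional[timedelta]:
    """Mean time to resolve over closed incidents only (detected -> resolved)."""
    durations = [time_to_resolve(i) for i in incidents if i.resolved_at is not None]
    if not durations:
        return None
    return timedelta(seconds=mean(d.total_seconds() for d in durations))


def nis2_deadlines(inc: Incident) -> dict[str, datetime]:
    """Due dates for the three Article 23 milestones of one incident."""
    notification_due = inc.aware_at + INCIDENT_NOTIFICATION
    # The final report is counted from the actual notification; until one has been
    # sent, the latest admissible notification time is used as the baseline.
    baseline = inc.notification_sent or notification_due
    return {
        "early_warning": inc.aware_at + EARLY_WARNING,
        "incident_notification": notification_due,
        "final_report": baseline + FINAL_REPORT,
    }


def _milestone(sent: Optional[datetime], due: datetime, now: datetime) -> str:
    if sent is not None:
        return "on_time" if sent <= due else "late"
    return "overdue" if now > due else "pending"


def nis2_status(inc: Incident, now: datetime) -> dict[str, str]:
    """Per milestone: on_time, late (sent after due), overdue (not sent, past due) or pending."""
    due = nis2_deadlines(inc)
    sent = {
        "early_warning": inc.early_warning_sent,
        "incident_notification": inc.notification_sent,
        "final_report": inc.final_report_sent,
    }
    return {name: _milestone(sent[name], due[name], now) for name in due}


def evidence_summary(incidents: list[Incident], now: datetime) -> dict:
    """What an auditor asks for: fleet metrics plus every incident that missed a deadline."""
    resolve = mttr(incidents)
    breaches = {
        i.incident_id: [m for m, s in nis2_status(i, now).items() if s in ("late", "overdue")]
        for i in incidents
    }
    return {
        "mttd_hours": mttd(incidents).total_seconds() / 3600,
        "mttr_hours": None if resolve is None else resolve.total_seconds() / 3600,
        "breaches": {k: v for k, v in breaches.items() if v},
    }


def _utc(*args: int) -> datetime:
    return datetime(*args, tzinfo=timezone.utc)


# Constructed sample records for the example (not real incidents).
SAMPLE_INCIDENTS = [
    Incident("INC-2025-001",
             occurred_at=_utc(2025, 3, 1, 8, 0), detected_at=_utc(2025, 3, 1, 10, 30),
             aware_at=_utc(2025, 3, 1, 11, 0), resolved_at=_utc(2025, 3, 2, 9, 0),
             early_warning_sent=_utc(2025, 3, 1, 20, 0),
             notification_sent=_utc(2025, 3, 3, 12, 0),
             final_report_sent=_utc(2025, 3, 20, 9, 0)),
    Incident("INC-2025-002",
             occurred_at=_utc(2025, 3, 10, 2, 0), detected_at=_utc(2025, 3, 12, 14, 0),
             aware_at=_utc(2025, 3, 12, 15, 0),
             early_warning_sent=_utc(2025, 3, 14, 10, 0)),   # 43 h after awareness: late
]
AS_OF = _utc(2025, 3, 20, 12, 0)   # the point in time the evidence is generated

if __name__ == "__main__":
    import json
    print(json.dumps(evidence_summary(SAMPLE_INCIDENTS, AS_OF), indent=2))
    for inc in SAMPLE_INCIDENTS:
        print(inc.incident_id, nis2_status(inc, AS_OF))
```

The separation of `detected_at` from `aware_at` is deliberate: the DER.1 metric (MTTD) runs from first attacker activity to first alert, whereas the Article 23 clock only starts when the organisation becomes aware that the incident is significant. An auditor checking DER.1 will want the first gap to be small and documented; a regulator checking notification timeliness only cares about the second clock. In the sample data INC-2025-002 was detected 60 hours after the attacker's first activity and then missed both the early-warning and the notification deadline, which is exactly the pattern of "logging is implemented, monitoring is not".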
Layers 6-10: Infrastructure, Networks, Systems, Applications, Industrial IT
These layers (INF, NET, SYS, APP, IND) are primarily technical implementation layers. They map to ISO 27001’s Technological Controls (A.8.x) and require evidence from multiple agents:
| BSI Layer | ISO Theme | Security Factory Coverage |
|---|---|---|
| INF — Physical security | A.7.x (Physical, 14 controls) | Physical controls outside agent scope* |
| NET — Network security | A.8.20, A.8.21, A.8.22 | Security Architecture Agent |
| SYS — IT Systems | A.8.8, A.8.9, A.8.18, A.8.19 | Vuln Mgmt Agent + IAM Governance Agent |
| APP — Applications | A.8.25-A.8.31 | AppSec Agent |
| IND — Industrial IT | A.8.x (partially) | Security Architecture Agent |
*Physical security (facility access, equipment security) requires on-site evidence. No AI agent replaces physical security controls — but the Compliance Agent documents and tracks them.
The 14 Agents: Full Coverage Matrix
| Security Factory Agent | BSI Grundschutz (Primary) | ISO 27001:2022 (Primary) | Controls Covered |
|---|---|---|---|
| GRC Agent | ISMS.1, DER.4 | Clauses 4-10, A.5.1, A.5.35 | Risk register, ISMS core, BCM |
| Compliance Agent | ORP.1, ORP.5, DER.3.1 | A.5.31, A.5.35, A.5.36 | Multi-framework compliance tracking, audit prep |
| SOC/MDR Agent | DER.1, OPS.1.1.4, OPS.1.1.5 | A.8.7, A.8.15, A.8.16 | Detection, logging, monitoring, alert triage |
| Threat Intel Agent | DER.1 (advanced) | A.5.7 (Threat intelligence — new 2022) | CTI feeds, IOCs, actor profiling |
| Vendor Risk Agent | OPS.2.1, OPS.2.2, OPS.2.3 | A.5.19, A.5.20, A.5.21, A.5.22, A.5.23 | Third-party risk, supply chain, cloud vendors |
| IAM Governance Agent | ORP.4 | A.5.15, A.5.16, A.5.17, A.5.18, A.8.2 | Access control, identity lifecycle, PAM, SoD |
| Incident Response Agent | DER.2.1, DER.2.2 | A.5.24-A.5.28 | IR lifecycle, forensics, notifications |
| Vulnerability Mgmt Agent | OPS.1.1.3 | A.8.8 | Patch management, vuln prioritisation |
| Policy Agent | CON.9, ORP.5 | A.5.1, A.5.10, A.5.37, A.6.2 | Policy lifecycle, review cycles, exceptions |
| Privacy Agent | CON.2 | A.5.34, GDPR integration | ROPA, DPIAs, DSARs, breach notification |
| Security Awareness Agent | ORP.2, ORP.3 | A.6.3, A.6.8 | Training programmes, phishing sims, culture metrics |
| Security Architecture Agent | CON.1, CON.3, NET.*, SYS.* | A.8.20-A.8.24, A.8.26 | Architecture reviews, cloud posture, crypto, network |
| AppSec Agent | CON.8, APP.* | A.8.25, A.8.26, A.8.27, A.8.28, A.8.29, A.8.30, A.8.31 | Secure SDLC, threat modelling, pipeline security |
| AI Governance Agent | (no direct BSI Baustein*) | A.5.7 (partial), A.5.23 (partial) | EU AI Act, shadow AI, AI risk classification |
*BSI has published AI-related guidance, notably the AIC4 criteria catalogue for AI cloud services (AI Cloud Service Compliance Criteria Catalogue), but there are no AI-specific Bausteine in the Edition 2023 Kompendium. This is an active gap; we expect dedicated AI Bausteine in 2025/2026.
The 2022 ISO Controls BSI Grundschutz Doesn’t Yet Fully Cover
ISO 27001:2022 added 11 new controls vs. the 2013 version. These represent areas where the BSI Grundschutz Kompendium has partial or no equivalent Baustein:
New ISO 27001:2022 controls with limited Grundschutz coverage:
- A.5.7 — Threat intelligence: No dedicated Baustein. BSI references threat intel in DER.1 but doesn’t prescribe a formal threat intelligence programme. → Threat Intel Agent fills this gap.
- A.5.23 — Cloud services security: OPS.2.2 exists but is less prescriptive than A.5.23 requires for multi-cloud environments. → Vendor Risk Agent + Security Architecture Agent.
- A.5.30 — ICT readiness for business continuity: DER.4 covers BCM but A.5.30 specifically requires ICT-layer RTOs/RPOs to be tested and documented. → GRC Agent + Compliance Agent.
- A.8.10 — Information deletion: CON.6 (Löschen und Vernichten) covers deletion and destruction of data and data carriers, but A.8.10 demands deletion evidence across the whole information lifecycle, including data held at cloud and other external providers. → Privacy Agent.
- A.8.11 — Data masking: No direct Grundschutz equivalent. → Security Architecture Agent.
- A.8.23 — Web filtering: Partially covered under NET.* Bausteine. → SOC/MDR Agent.
- A.8.12 — Data leakage prevention: No dedicated Baustein. → AppSec Agent + Security Architecture Agent.
Practical implication: If you’re pursuing “ISO 27001 auf Basis IT-Grundschutz” certification, these 7 new controls require additional evidence packages beyond what Grundschutz documentation generates. Your SoA must explicitly address them.
The Certification Process: What Each Standard Actually Demands
BSI IT-Grundschutz Certification Path
Step 1 — Scope Definition (4-8 weeks) Define the Information Domain (Informationsverbund). Run the Strukturanalyse (asset, process and interface inventory) and the Schutzbedarfsfeststellung (protection needs determination). Choose the Vorgehensweise: Basis-, Standard- or Kern-Absicherung.
Step 2 — Modellierung, IT-Grundschutz-Check and Gap Analysis (8-16 weeks) Assign Bausteine to the assets in scope (Modellierung), then, for each in-scope Baustein, document which Anforderungen (requirements) are implemented, partially implemented, or not applicable. This IT-Grundschutz-Check is the Grundschutz equivalent of ISO's Statement of Applicability.
Step 3 — Risk Analysis for Deviations (4-8 weeks) Any Anforderung not fully implemented requires a formal risk analysis under BSI 200-3. No “risk acceptance without documentation” — this is audited.
Step 4 — BSI-Approved Auditor Engagement (2-4 weeks) Only BSI-licensed auditors can certify. There are ~120 licensed auditors in Germany (as of 2024). Lead times for reputable firms: 3-6 months.
Step 5 — Dokumentenprüfung + Vor-Ort-Prüfung Document review followed by on-site audit. Auditors will spot-check implementation evidence against documented safeguards.
Step 6 — Certification Issued Valid 3 years. Annual surveillance audits (Überwachungsaudits) required. Re-certification every 3 years.
Total timeline: 9-18 months for organisations starting from scratch
ISO 27001:2022 Certification Path
Step 1 — ISMS Scope and Context (2-4 weeks) Define scope. Identify interested parties and their requirements. Document context.
Step 2 — Risk Assessment and Treatment (4-8 weeks) Select risk methodology. Assess risks. Select controls. Produce Risk Treatment Plan.
Step 3 — Statement of Applicability (2-4 weeks) Document all 93 Annex A controls: applicable or excluded (with justification). This is the single most important certification document.
Step 4 — Control Implementation (8-24 weeks, depending on gaps) Implement all applicable controls. Produce evidence. Establish policies, procedures, and operating records.
Step 5 — Internal Audit + Management Review (4-6 weeks) Mandatory pre-certification. Document findings and corrective actions.
Step 6 — Stage 1 Audit (Document Review) Certification body reviews ISMS documentation, SoA, risk treatment plan.
Step 7 — Stage 2 Audit (On-site Implementation Review) Auditors verify controls are implemented and operating effectively.
Step 8 — Certification Issued Valid 3 years. Annual surveillance audits. Re-certification every 3 years.
Total timeline: 6-12 months for organisations with reasonable security maturity
The Cost Comparison: Manual vs AI-Assisted
This is where most articles stop short. Not here.
Manual Compliance Programme (Both Frameworks)
Internal headcount:
- 1 Senior GRC/Compliance Manager: €130K base = €195K/yr loaded
- 1 Compliance Analyst (Grundschutz specialist): €75K base = €112K/yr loaded
- 0.5 FTE Security Architect (compliance documentation): €100K base = €75K/yr loaded (half-time)
- Shared SOC analyst time for evidence collection: €40K/yr (estimated 0.5 FTE equivalent)
External costs:
- BSI-approved auditor for Grundschutz certification: €40-80K (initial)
- ISO 27001 certification body (Stage 1 + Stage 2): €20-35K (initial)
- Annual surveillance audits (both): €25-40K/yr
- Gap analysis consultant before certification: €30-60K
- GRC tool licence (Drata, Vanta equivalent): €25-45K/yr (US tools, poor NIS2/BSI coverage)
Total Year 1: €560-640K Ongoing (Year 2+): €450-510K/yr
AI-Assisted Compliance Programme (Security Factory)
Core compliance bundle — 5 agents:
- GRC Agent: €1,500/mo
- Compliance Agent: €1,500/mo
- Policy Agent: €1,500/mo
- IAM Governance Agent: €1,500/mo
- Incident Response Agent: €1,500/mo
Subtotal: €7,500/mo = €90,000/yr
What you still need (humans):
- 1 Senior GRC Manager (strategy, stakeholder management, auditor liaison): €195K/yr loaded
- BSI-approved auditor (non-negotiable): €40-80K (initial), €25-40K/yr ongoing
- ISO 27001 certification body: €20-35K (initial), €15-25K/yr ongoing
Total Year 1: €345-400K Ongoing (Year 2+): €325-350K/yr
But here's the real calculation:
- The AI agents compress the timeline from up to 18 months to around 6 months
- That is up to 12 months of avoided consultant and internal preparation effort, which we estimate at €150-300K one-time
- AI generates evidence continuously; there is no pre-audit scramble
- Effective ongoing savings vs. pure manual: €100-185K/yr, around €140K/yr at the midpoints
The number your CFO wants: running both BSI Grundschutz and ISO 27001 manually costs €450-510K/yr in Year 2+. The Security Factory compliance bundle (5 agents + human oversight + certification costs) runs €325-350K/yr. Savings: roughly €140K/yr. Plus: audit-readiness every day instead of four months before the audit.
Expand to the full 14-agent platform (€21K/mo = €252K/yr) and you’re covering GRC, security operations, threat intelligence, privacy, AppSec, and AI governance simultaneously — replacing the functional equivalent of a 6-8 person security team at a fraction of the cost.
Which Agent to Start With: The KRITIS Prioritisation
If you’re KRITIS and need to show BSI progress fast, the starting sequence matters.
Phase 1 (Months 1-3): Grundschutz Core Deploy GRC Agent and Compliance Agent first. Map your existing controls to BSI Bausteine. Identify your top 10 gaps. The Compliance Agent processes a 50-control gap register in 8 seconds and prioritises by Grundschutz Anforderung type (Basic/Standard/Elevated).
Phase 2 (Months 3-6): Operational Evidence Add Incident Response Agent, IAM Governance Agent, and Policy Agent. These three generate the evidence types BSI auditors scrutinise most: incident records with timelines, access review documentation, and policy review cycles.
Phase 3 (Months 6-12): Full Coverage Add remaining agents based on audit scope. For ISO 27001 dual-certification, prioritise Vendor Risk Agent (A.5.19-A.5.23) and Security Awareness Agent (A.6.3 evidence trail) — these are frequently cited gaps in first-year ISO audits.
Phase 4 (Ongoing): AI Governance The AI Governance Agent becomes critical as BSI develops AI-specific Bausteine and as EU AI Act enforcement begins. Get your AI inventory documented now before regulators ask.
The German Context: What US Tools Miss
Drata, Vanta, and Secureframe are good tools. They cover SOC 2, ISO 27001 (partially), and US-centric frameworks well. They do not cover:
- BSI IT-Grundschutz — zero coverage. No Baustein mapping, no German-language documentation, no BSI auditor workflow.
- NIS2UmsuCG — the German NIS2 implementation law. US tools offer generic “NIS2” mapping; they don’t understand the German legislative specifics.
- TISAX — VDA ISA assessment framework mandatory for German automotive suppliers. Not in any US tool.
- Betriebsrat requirements — deploying AI agents in Germany requires works council consultation under BetrVG §87 (monitoring of employees) and §90 (technology changes). US tools have never heard of Mitbestimmung.
- BDSG — German Federal Data Protection Act requirements layered on top of GDPR. The Privacy Agent is configured for the guidance of the German supervisory authorities as issued through the Datenschutzkonferenz (DSK), not just for GDPR.
Security Factory is built for German enterprises, with German regulatory context built in. That’s not a marketing line — it’s the functional difference between a tool that generates a compliant NIS2UmsuCG incident report and one that generates a US-format IR report your German lawyer can’t use.
What This Means for Your 2026 Audit Programme
Three things to do immediately:
- If you're KRITIS: run the Strukturanalyse and Schutzbedarfsfeststellung (protection needs determination) for your Informationsverbund and model it against the current Grundschutz Kompendium. Do it with the GRC Agent, which maps your asset inventory to Bausteine automatically. Don't start an audit without this.
- If you have ISO 27001 and need Grundschutz: your Statement of Applicability is 70-80% of the Grundschutz documentation you need. Start there. The Compliance Agent cross-maps your existing SoA against Grundschutz Anforderungen and shows you exactly what's missing.
- If you have neither: start with ISO 27001 scoping. Get your ISMS defined. The Grundschutz documentation requirements are largely a superset: do ISO first, then extend. The agents handle both simultaneously.
Try the Compliance Agent
The MusterSec demo lets you interact with a live Compliance Agent loaded with a realistic dataset: 108K of interconnected security data, 50 risks, 12 incidents, framework coverage across ISO 27001, NIS2, and DORA — with BSI mapping in development.
Ask it to show you the ISO 27001 control gap report. Ask it which Grundschutz Bausteine map to your existing ISO controls. See what 8 seconds of analysis looks like compared to your last manual compliance review.
→ Try the Compliance Agent Demo
Not ready for the demo? Book a 30-minute technical call. We’ll map your current framework coverage to the Security Factory agents and show you exactly which gaps the platform closes.