October 22

“BSI IT-Grundschutz Praktiker” certificate



  • The "IT-Grundschutz Praktiker" certificate is a entry level infosec certificate relevant mainly for the DACH region
  • The "IT-Grundschutz" concept was developed by the German "Bundesamt für Sicherheit in der Informationstechnik" (aka. BSI)
  • Using its systematic approach, an organisation of any size can validate and improve its security by following standardized processes and elements in the IT-Grundschutz
  • An "IT-Grundschutz Praktiker" has the basic knowledge to help implementing an ISMS in an organisation
  • I'm very happy that I passed the exam for this certification as well


Now, I also passed the exam for my certificate as "BSI IT-Grundschutz Praktiker". :smile: I think it's a perfect addition to my CompTIA Security+ and Network+ certificates. The former are more technology focused in my perception, whereas the IT-Grundschutz is more business oriented and focused on processes and systems.

The IT-Grundschutz is based on ISO 27001, developed and curated by the Bundesamt für Sicherheit in der Informationstechnik (aka. BSI) in Germany.

training and online exams

As I did the learning for myself and did not book any in person training, I mainly used the free of charge online training provided by the BSI to prepare myself for the exam.

In this online training, after each lesson you will find some multiple choice questions to test your level of learning. Also the exam is made of 50 multiple choice questions which you have to answer in 60min.

To train myself for this, I also programmed a multiple choice quiz game in Python. Beside the demo questions, I created my own questions in the required JSON-format. Thinking reverse, so inventing wrong answers as well, was a good way for me to learn the material. And sure, testing it with the Python-game was fun too. I will write more about this quiz program here in my blog and make it publicly available on Github soon.

You are not forced to take any lessons prior to this exam, but in my perception most of the suppliers mentioned as licensed training centers on the website of the BSI are more interested in offering training, then the exam only. :wink:

So lucky me contacting HiSolutions AG, which offered also an online exam even if you haven't booked any training with them. The booking process was very easy and the exam a professional but enjoyable experience. The results have been provided almost instantly. A fantastic service overall, so I would recommend HiSolutions for this.

my cert

My cert as "BSI IT-Grundschutz Praktiker" (some PII removed)


BSI IT-Grundschutz, certification, exam, infosec

You may also like

Unlock Effective Cybersecurity: Simplify Policies with the Clarity of the OSI Model

TL;DR Diving into the essence of effective cybersecurity, this article shines a light on the transformative power of simplifying policy language, inspired by the OSI model’s structured communication layers. It goes beyond theoretical insights, offering actionable strategies for CISOs to demystify complex jargon and make cybersecurity policies accessible and engaging for every team member. Highlighting

Read More

Event takeaway: 4. BSI Grundschutztag

My key takeaways 3.BSI Grundschutztag was canceled ISMS = management in normal situations; BCM = management in crisis situations There is no statistic available yet, how security impacts have changed after getting certified by BSI Grundschutz BIA focusses primarily on availability where risk analysis questions why a system might not be available increasing combination of

Read More