Users of IT-Grundschutz have the opportunity to contribute their expertise to IT-Grundschutz by creating so-called Benutzerdefinierte Bausteine (user defined building block). To do this, an institution picks out a topic or partial aspect for which no IT-Grundschutz building block has yet been published and on which it would like to work. Those responsible for information security can put their experience and work results, such as security assessments of threats and requirements, into the form of a building block. This user defined building block can then be published on the IT-Grundschutz website. Companies that want to address similar topics can benefit from the existing expertise and, at best, develop the content further.
The BSI does not review the content of user-defined building blocks, and the building blocks are not usually published in the IT-Grundschutz compendium. If there is a high demand for a topic, it is possible to revise a module further and include it in the IT-Grundschutz-Kompendium. The modules were created by IT-Grundschutz users and kindly made available to the BSI for publication. They may be used free of charge for IT security concepts based on IT-Grundschutz without the author's consent and without providing a source reference.