Search Search
Ask for Support Ask for Support Support
Status Status Status
News
» .NEWS & EVENTS
verinice

New combo bundle: ISO 27001 and IT Grundschutz combined

verinice Bundle ISO+GS

With the new verinice ISO+GS (DE) Bundle, SerNet GmbH is expanding the new verinice generation with a combined solution for information security management systems (ISMS): The bundle combines the ISO 27001 and BSI IT Grundschutz domains. With the bundle, users are immediately ready to go and can implement nationally and internationally valid requirements in parallel. With its modular structure, it also supports the domains of data protection and NIS2 – meaning that all central compliance requirements can be mapped in one place. Try it for free with the evaluation offer.

Two standards – one ISMS

This combination offers the best of both worlds: ISO 27001 provides a globally recognized, process-oriented framework for information security, while BSI IT-Grundschutz delivers concrete measures, building blocks, and practical guidelines. The symbiosis results in an ISMS that can be certified according to both ISO 27001 and BSI-Grundschutz. A particular advantage is that organizations can aim for ISO 27001 certification based on IT-Grundschutz – a procedure recognized by the BSI that combines both approaches, thus bridging the gap between German security standards and international recognition. The new verinice bundle is ideal for this approach.

The bundle includes, among other things:

  • Implementation of DIN EN ISO/IEC 27001, 27002, and 27005
  • Implementation of BSI standards 200-1, 200-2, and 200-3
  • Integrated risk analysis according to ISO/IEC 27005 and BSI IT-Grundschutz 200-3
  • Component modeling, SoA (Statement of Applicability), inventory list, and reports
  • Support for the 2023 edition of the IT-Grundschutz Compendium

This enables the setup, maintenance, and certification of an ISMS based on both approaches – without the need for time-consuming customization. Extensions for business continuity management (ISO 22301 / BSI 200-4) will follow in the fourth quarter of 2025.

Getting started made easy

The bundle is ready for immediate use and includes one user license and two units for productive use and testing. Additional users and units can be added flexibly.

The source code, interfaces, and documentation for verinice are freely accessible. This supports digital sovereignty, long-term security, and full integration capability into existing structures. Companies and public authorities benefit from a solution that is not only methodologically comprehensive, but also technically compatible and future-proof.

Back
Contact us
Contact