According to the BSI Kritis Regulation in line with Section 10 of the BSI-Act (BSIG), operators of critical infrastructures must provide documentation of compliance of their precautions and safeguards (see Section 8a (1) of the BSI-Act to the BSI in line with the state of the art for the prevention of disruptions. The orientation guide to proof of compliance provides support in this regard. It is addressed to the operators of critical infrastructures, to the auditing bodies and to the authors of sector-specific security standards (B3S).

Version 1.1 of the orientation guide to proof of compliance is now available. In addition to a considerable number of minor improvements, some points have been elaborated in more detail in the new version.

Using the associated forms, operators can submit documentation of compliance to the BSI every two years proving they have implemented organisational and technical precautions and safeguards to prevent disruptions (in accordance with Section 8a (1) of the BSI-Act).

We are happy to accept your documentation in electronic form via encrypted e-mail. For encryption, please use the S/MIME certificate or the public PGP key of the KRITIS-Büro. Both are provided in the download section under 'Registering and reporting'. Transfer by De-Mail is also possible (De-Mail address of the BSI: de-mail@bsi-bund.de-mail.de).

This document is also available in German