Reports of cyber attacks targeting companies and governments with serious consequences for their victims are becoming increasingly commonplace. To be able to detect and handle cyber attacks targeting the Federal Administration, this minimum standard defines rules for the logging and detection of security-relevant events in communications systems used by the Federal Administration.

With this minimum standard, the BSI defines a uniform approach to the detection of cyber attacks as required by the 2017 Implementation Plan while establishing a basis for the specification and implementation of organisational and technical measures. To ensure a common basis and application, the minimum standard therefore also defines a number of especially relevant terms. In addition, appropriate details are also provided for the modules OPS.1.1.5 Logging and DER.1 Detecting Security-Relevant Events from the updated IT-Grundschutz. The Federal Administration Logging Policy (PR-B) and Framework Data Protection Model (RDSK) are also incorporated by being included as permanent annexes to the minimum standard. The Federal Administration Logging Policy (PR-B) provides a detailed framework for the implementation of the basic requirement OPS.1.1.5.A1 Creation of a Security Policy for Logging while also serving as an implementation guideline for Section 5 (1) Sent. 1 No. 1 in conjunction with Sent. 4 of the BSI Act.

Update February 2021: we have adjusted some of the links in the minimum standard as a result of the reorganisation of the BSI web pages. The document with the updated links is provided here for your convenience as version 1.0a – no changes have been made to the actual content.

Download minimum standard (only available in German)

Mindeststandard des BSI nach § 8 Abs. 1 Satz 1 BSIG zur Protokollierung und Detektion von Cyber-Angriffen in der Bundesverwaltung

Download Technical Implementation Guidance for the Federal Administration Logging Policy (PR-B) (only available in German)

Requirement PRB.I.1.1.1.2 references Technical Implementation Guidance for the Federal Government Logging Policy (PR-B). According to the General Administrative Provision for the Material Protection of Classified Information (VSA), this guidance is 'Classified information (CI) – RESTRICTED' and therefore not published here.

The Implementation Guidance can be downloaded from the protected area. Please feel free to contact us if you have any queries.