Navigation and service

BSI - Federal Office for Information Security (Link to homepage)

IT Security Label

The IT Security Label for manufacturers

The IT Security Label can be issued by the BSI for products or services if you, the manufacturer, have fully checked the product's conformity with specific IT security requirements and confirmed their fulfillment with the manufacturer's declaration. The application is voluntary and possible only for product categories defined by the BSI.

The granting process is shown in simplified form in the following overview and is described in detail within the document Process description for issuing IT Security Labels.

5 steps to issuance

1. Conformity Assessment

Before submitting an application, manufacturers and service providers must check if their product meets the IT security requirements of the IT Security Label. You may carry out this conformity assessment yourself or assign it to a testing body of your choice. Once you have confirmed compliance with the security requirements, you can submit your application.

Find out here which security requirements apply to your specific product and how you can assess conformity:

2. Application

After a positive compliance assessment, you can easily apply for the IT Security Label via the Federal Portal. Please note that an administrative fee will be charged for processing the application, regardless
of the outcome of the procedure. We therefore recommend that you get in touch with us before submitting your application for the IT Security Label in order to address any open questions.

Note: The application for an IT Security Label for "video conferencing services" is currently possible by mail only.

Apply online Ap­ply by mail

3. Plausibility check by the BSI

After you as the manufacturer have submitted your application for the IT Security Label, the BSI checks the application and the manufacturer's declaration for completeness and plausibility.

According to Section 6 BSI-ITSiKV (Ordinance on the IT Security Label of the German Federal Office for Information Security), applications may undergo a simplified procedure without plausibility check if a certificate under Section 9 of the BSI Gesetz (Act on the Federal Office for Information Security) or a foreign state label, recognised by the BSI, have already been issued for the application subject, in both cases based on the same test standard.

4. Issue of the IT Security Label

After a positive review of the application, you will receive a notification from the BSI that entitles you to use the respective IT Security Label for a specified duration. In addition to the notification, you will receive the IT Security Label as a usable label that you can affix to your product or the outer packaging.

When the IT Security Label is issued, the BSI also creates a product information page that serves to inform consumers about your product and the manufacturer's declaration you have issued. The product information page can be reached via a permanent link integrated in the QR code on the label.

5. After issuance: market surveillance

During the duration of the IT Security Label the market surveillance of the BSI checks whether the it security properties of the product declared in the manufacturer's declaration are fulfilled.
The market surveillance will test the conformity of the labelled product with the underlying it security requirements, on an ad-hoc or occasion-related basis,

Read more in the process description market surveillance

You can find more information on how the label works as well as the most important questions and answers in our FAQ.

If you have any open questions regarding the application for the IT Security Label, simply contact us before submitting your application at: it-sicherheitskennzeichen@bsi.bund.de.

Additional information

More Information

Back to IT Security Label