Publication of the catalogue of IT security requirements under section 11(1a) of the Energy Act
The Bundesnetzagentur has published a catalogue of security requirements under section 11(1a) of the Energy Act (EnWG). The requirements, drawn up in consultation with the Federal Office for Information Security (BSI), serve to ensure protection against possible threats to telecommunications and electronic data processing systems that are vital for secure network operation.
IT security requirements catalogue (August 2015) (German language only)
The IT security requirements aim to ensure
- the availability of the systems and data to be protected,
- the integrity of the systems and the information processed, and
- the confidentiality of the information processed.
Electricity and gas network operators are required to implement a minimum level of IT security. The core requirement is the establishment of an information security management system (ISMS) with certification to DIN ISO/IEC 27001 by 31 January 2018.
Network operators are required to email the contact details of their IT security coordinator to the Bundesnetzagentur by 30 November 2015 using the following form:
IT security coordinator contact details (German language only)