Infor­mation Technology in Critical Infra­struc­tures — KritisVO

The depen­dence on infor­mation technology systems is growing in our social system with increasing special­i­sation and division of labour. Infor­mation technology operates where the flow of water, traffic, food, medicines, energy and money is to be controlled by admin­is­tration and the economy. The legis­lator therefore takes into account the important role of infor­mation technology as a controlling infra­structure and adopted the IT Security Act (ITSiG) and the Critical Regula­tions (KritisVO) for the protection of critical infra­struc­tures based on it.

The legis­lator defines critical infra­struc­tures (KRITIS) as organ­i­sa­tions or insti­tu­tions of important impor­tance for the state community whose failure or impairment would result in supply bottle­necks with a lasting effect, consid­erable disrup­tions to public security or other dramatic conse­quences. The Federal Office for Infor­mation Security (BSI) names the areas of energy supply, infor­mation technology and telecom­mu­ni­ca­tions, transport and traffic, health, water, nutrition, finance and insurance, government and admin­is­tration as well as media and culture. If more than 500,000 citizens are affected by the failure of an infra­structure in one of these areas, this infra­structure is considered critical. As the operator of such an infra­structure, ITSiG and KritisVO require them to provide the BSI with special evidence.