Recommendations & Guidelines

Information security is a very complex topic, where technical and organizational measures must be applied equally in order to achieve sufficient protection for the entire organization. In order to make this somewhat easier for you, we provide here a series of guidelines and advisors which have been developed from corresponding recommendations, e.g. of the BSI, and the exchange with other information security officers in the state of Baden-Württemberg.

These guides will be updated and extended.

Despite all efforts to ensure secure operation and sensitive use of IT, critical incidents cannot be ruled out. All operators of IT systems at the university should prepare for such emergencies by taking appropriate organizational and technical measures. In the event of an emergency, appropriate documentation should be available (also offline) to achieve the following goals, among others:

  • Initiate immediate measures
  • stop the spread of damage
  • Reach important contact persons by telephone
  • comply with legally required reporting channels and deadlines
  • Securing evidence for later processing and, if necessary, criminal prosecution

The BSI and the Alliance for Cybersecurity provide handouts for this purpose, which can already be used to set up a basic emergency management system. The BSI's IT emergency card can also be useful. It describes the most important rules of conduct for end users in the event of IT emergencies so that panic-like actions do not increase the damage (all document only available in german):

Communication and Information Centre (kiz)

Please contact us if you have questions or problems related to the kiz services:

Office hours
Monday - Thursday
09:00 h - 12:00 h and 13:00 h - 15:30 h

Friday 09:00 h - 12:00 h

+49 (0) 731 / 50 - 30000

+49 (0) 731 / 50 - 1230000

Order a Callback
Support Portal (Uni internal)

Service Points are locations where you can visit us personally.


Using self-service functions of the Identity Management System (IDM): Administer permissions, subscribe to services, change passwords.

IDM Self Services

Research in the library stock: monographs, textbooks, magazines, university publications, e-books, e-journals, national licenses, and the contents of the institutional repository OPARU.

library catalogue::local

With about 400 keywords you will get direct access to our services. If something isn't listed, please contact our Internet Editorial Office.

A-Z List

more about: Awareness raising

The Security-Usability-Society (SECUSO) research group at KIT has developed training videos on how to recognise and deal with phishing emails. The videos are about 5 minutes long and include a general introduction, the most important rules for recognising fraudulent messages and illustrative examples.


The University of Mannheim has produced a six-part podcast series in cooperation with an agency. Embedded in a radio play, listeners learn more about various dangers in the IT sector and receive tips on how to deal with security problems.