Controls in Instant 27001 and the BIO add-on have been tagged with the labels BBN1, BBN2, BBN3, SG, PE and DL. Here’s what it means:
BBN
BBN stands for basisbeveiligingsniveau, or basic level of protection. Based on the classification of the information that is going to be processed, you will need to comply to BBN1, BBN2 or BBN3.
If you are required to comply to BBN1, it means you can disregard all controls labelled BBN2 and BBN3.
Roles
The second label is the role who is responsible for the implementation of this control.
| Role | Dutch | English | Explanation |
|---|---|---|---|
| SG | Secretaris generaal, directeur | Secretary general, director | Relevant only for government bodies (departments, agencies and municipalities) |
| PE | Proceseigenaar | Process owner | Relevant only for government bodies (departments, agencies and municipalities) |
| DL | Dienstenleverancier | Service provider | Relevant for internal or external service providers, such as suppliers or shared service centers |
In general, unless you are a government body, only the controls labelled DL are relevant for you.