Controls in Instant 27001 and the BIO add-on have been tagged with the labels BBN1, BBN2, BBN3, SG, PE and DL. Here’s what it means:


BBN stands for basisbeveiligingsniveau, or basic level of protection. Based on the classification of the information that is going to be processed, you will need to comply to BBN1, BBN2 or BBN3.

If you are required to comply to BBN1, it means you can disregard all controls labelled BBN2 and BBN3.


The second label is the role who is responsible for the implementation of this control.

SGSecretaris generaal, directeurSecretary general, directorRelevant only for government bodies (departments, agencies and municipalities)
PEProceseigenaarProcess ownerRelevant only for government bodies (departments, agencies and municipalities)
DLDienstenleverancierService providerRelevant for internal or external service providers, such as suppliers or shared service centers

In general, unless you are a government body, only the controls labelled DL are relevant for you.

100% first time success rate!
Start with confidence.

Order now   Book a demo