BIO 2.0 (baseline informatiebeveiliging overheid) is a Dutch standard for information security, specifically developed for the government. It consolidates and replaces BIR (baseline informatiebeveiliging rijk), BIG (baseline informatiebeveiliging gemeenten), BIWA (baseline informatiebeveiliging waterschappen) and IBI (interprovenciale baseline informatiebeveiliging).
It contains 122 extra controls, refining the already existing controls in ISO 27001:2022 Annex A. You can maintain one Information Security Management System (ISMS) for both standards at the same time.
BIO is relevant for Dutch government bodies, as well as their (international) contractors and service providers
A key difference with it’s predecessor BIO 1.04 (BIO:2018), is that it does not prescribe controls based on BBN and/or role, but requires the organization to follow ISO 27001:2022 and decide on the necessary controls using a formal risk assessment.
Benefits
- Contain instructions how to update an existing ISO 27001:2022 implementation to comply to BIO 2.0
- For each control the extra impact is indicated, as compared to ISO 27001:2022
- While the BIO standards are published in Dutch, this product contains validated English translations
- Contains instructions in case you’re upgrading from BIO 1.04
Add-ons can be used together with Instant 27001 for Confluence or Microsoft 365 (ISOPlanner). Instructions for installation and implementation are provided.
Pricing
€ 1 495
All prices are excluding applicable taxes and subscription fees for Confluence, Microsoft 365 or ISOPlanner.