{"id":7018,"date":"2018-12-30T13:24:00","date_gmt":"2018-12-30T12:24:00","guid":{"rendered":"https:\/\/naris-prod.azurewebsites.net\/10-zinnen-die-de-risicomanager-beter-kan-vermijden-copy-2\/"},"modified":"2021-12-28T13:49:19","modified_gmt":"2021-12-28T12:49:19","slug":"bio-baseline-informatiebeveiliging-overheid","status":"publish","type":"post","link":"https:\/\/www.naris.com\/nl\/bio-baseline-informatiebeveiliging-overheid\/","title":{"rendered":"BIO"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Wat is de BIO?<\/h3>

De Baseline Informatiebeveiliging Overheid<\/a> (kortweg: BIO) is per 2019 van kracht. Waarbij 2019 een overgangsjaar is, en per 1 januari 2020 dienen alle overheden te voldoen aan de Baseline Informatiebeveiliging Overheid. De BIO is een normenkader waar alle overheidsinstanties aan dienen te voldoen. Voorheen waren de Baseline Informatiebeveiliging Rijk (BIR), Interprovinciale Baseline Informatiebeveiliging (IBI), Baseline Informatiebeveiliging Gemeenten (BIG) en Baseline Informatiebeveiliging Waterschappen (BIWA) normenkaders waar respectievelijk de Rijksoverheid, Provinciale Overheid, Gemeenten en Waterschappen aan dienden te voldoen. Al deze normenkaders (BIR, IBI, BIG, BIWA) zijn vervangen voor \u00e9\u00e9n normenkader.<\/p>

De BIO beschrijft de invulling van de ISO 27001 en 2 voor de overheid. Maar vervangt de ISO niet.<\/p>

Wie dient er aan te voldoen?<\/h3>

De volgende overheidsinstanties dienen te voldoen aan de BIO:<\/p>

\u2013 Rijksoverheid<\/p>

\u2013 Provinciale overheid<\/p>

\u2013 Gemeenten<\/p>

\u2013 Waterschappen<\/p>

Wat wil men bereiken?<\/h3>

Met het invoeren van de BIO beoogt men de beveiliging van informatiesystemen bij alle overheidsonderdelen te verbeteren. Alle overheidsinstanties kunnen hiermee aantonen dat de informatie die wordt verstuurd, of ontvangen voldoen aan passende wet- en regelgeving en daarmee goed beveiligd zijn.<\/p>

Implementatie<\/h3>

Voor een juiste implementatie van de BIO dient men de ISO27002 met alle controls toe te passen (of uit te leggen). Dit heet ook wel \u201ccomply or explain\u201d (\u201cpas toe of leg uit\u201d). Het normenkader van ISO27001 en 2 bestaat uit 114 maatregelen welke eenvoudig en overzichtelijk in te richten zijn binnen de organisatie. Veel van deze maatregelen zullen ook al ge\u00efmplementeerd zijn binnen de bestaande processen. Echter is het nodig om te komen tot het inzicht dat, en waar deze maatregelen worden uitgevoerd.<\/p>

In control<\/h3>

Met implementatie ervan is men er helaas nog niet. Want hoe laat men zien dan de 114 maatregelen zijn toegepast of uitgelegd? Hoe bent u aantoonbaar in control? Vanuit Naris bieden wij \u00e9\u00e9n standaard framework voor de BIO waarin het normenkader, inclusief maatregelen en risico\u2019s in \u00e9\u00e9n oogopslag inzichtelijk zijn. Op deze wijze is het \u201ccomply or explain\u201d principe op overzichtelijke wijze geborgd en eenvoudig te rapporteren binnen uw organisatie.<\/p>

Wilt u meer weten? Neem contact<\/a> op met \u00e9\u00e9n van onze adviseurs.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Wat is de BIO? De Baseline Informatiebeveiliging Overheid (kortweg: BIO) is per 2019 van kracht. Waarbij 2019 een overgangsjaar is,…<\/p>\n","protected":false},"author":20,"featured_media":5751,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[18],"tags":[83,4],"class_list":["post-7018","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artikel","tag-informatiebeveiliging","tag-risicomanagement"],"_links":{"self":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/7018","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/comments?post=7018"}],"version-history":[{"count":13,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/7018\/revisions"}],"predecessor-version":[{"id":16285,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/posts\/7018\/revisions\/16285"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/media\/5751"}],"wp:attachment":[{"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/media?parent=7018"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/categories?post=7018"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.naris.com\/nl\/wp-json\/wp\/v2\/tags?post=7018"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}