🇳🇱 Netherlands

BIO — the Dutch government security baseline

The mandatory information-security baseline for Dutch government bodies, built directly on ISO 27001/27002.

What is BIO?

The Baseline Informatiebeveiliging Overheid (BIO) is the common information-security baseline for all layers of Dutch government — central, provincial, municipal and water authorities.

BIO is based on ISO/IEC 27001 and 27002 and introduces baseline protection levels (BBN) so each organisation applies controls proportionate to the sensitivity of its information.

BIO at a glance

ISO 27001/27002 based

Reuses the ISO control structure with government-specific requirements.

BBN levels

Baseline protection levels matched to information sensitivity.

Government scope

Mandatory for central, provincial, municipal and water-authority bodies.

BIO with ResiPlan

ResiPlan includes a structured BIO baseline and runs a maturity GAP analysis with evidence and reporting.

Because BIO is ISO-based, cross-mapping means an ISO 27001 assessment in ResiPlan largely pre-fills your BIO controls.

See all 10 covered frameworks The cross-mapping engine

Frequently asked questions

What is BIO?

The Baseline Informatiebeveiliging Overheid: the Dutch government's information-security baseline, based on ISO 27001/27002, with BBN protection levels.

Who must apply BIO?

All Dutch government layers — central government, provinces, municipalities and water authorities.

Other frameworks

ResiPlan covers 10 frameworks with cross-mapping: assess once, prove everywhere.

ISO 27001 NIS2 DORA 🇳🇱 CYRA 🇧🇪 CyFun 🇩🇪 BSI IT-Grundschutz 🇫🇷 ANSSI 🇪🇸 ENS 🇮🇹 FNCS

Assess your BIO compliance

Run a maturity gap analysis, attach your evidence and generate a report — with cross-mapping to the other frameworks.