Masterclass

Masterclass Review Framework Information Security

In this master class, you will learn more about the SURFaudit Information Security Assessment Framework so that you can properly carry out an assessment, for example in the context of the SURFaudit benchmark. With inspiring in-depth sessions and keynotes, you will be well prepared when you start working with the assessment framework.

Masterclass Toetsingskader informatiebeveiliging
01 — 02 Oct 2024
Time
1 October 10 a.m. - 2 October 5 p.m.
Location
SURF office, Utrecht

Background

In higher education and MBO, the NBA Information Security Maturity Model is used as the basis for the assessment framework for the information security benchmark.

Getting started with the Information Security Assessment Framework

The Information Security Assessment Framework master class will help you make the transition to this new assessment framework, and is also interesting for FGs, privacy officers and auditors. Under the guidance of expert Ludo Cuijpers, you will work hands-on with the statements from the NBA assessment framework. There is plenty of room to exchange experiences and discuss good practices with each other. In addition, inspiring keynotes and in-depth sessions are scheduled by various experts. In between, there will be plenty of opportunity for informal contact.

Programme

During the four sessions, we will discuss all fifteen domains of the NBA model. Below is the outline of the programme.

Tuesday

10.00 General introduction to the NBA model and Benchmark IB
10.15 Presentation on outsourcing and supply chain security
Domains NBA model covered: Human Resources, Supply Chain Management
10.30 Short break
11.45 Presentation governance and HRM (Ludo Cuijpers, ROC Nijmegen/ HAS green academy)
Domains NBA model covered: Governance, Organisation
13.00 Break + lunch
14.00 Presentation governance and HRM (Ludo Cuijpers, ROC Nijmegen/ HAS green academy)
Domains NBA model covered: Risk Management, System Development, Physical Security and Data Management
15.30 Break
15.45 Risk Management presentation
Domains NBA model covered: Identity & Access Management and Assurance (Governance domain)
17.00 Dinner

Wednesday

10.00 Security Management presentation (Hub Gerats, Fontys University of applied sciences)
Domains NBA model covered: Security Management, Business Continuity Management
13.00 Break + Lunch
14.00 - 17.00

Presentation configuration management, incident/change management, ITIL processes (Hub Gerats, Fontys University of applied sciences)
Domains NBA model covered: Configuration Management, Incident/Problem Management, Change Management, Computer Operations

Joint closing, exchanging experiences and conclusions

Registration and cancellation

Register for this master class no later than 24 September.
Registration is not optional; please read the cancellation conditions for SURF meetings.

Number of participants

The maximum number of participants is 15; if there are fewer than 10 participants, the master class will not take place.

Costs

The costs are 500 euro per participant (excluding VAT). SURF will arrange the registration of the masterclasses. The SURF registration system only accepts direct payment (iDeal or credit card). After completing your registration, you will receive an e-mail as confirmation with the invoice attached.

Prefer another date?

Would you rather attend this master class on a different date? You can! We also give this master class on 3 and 4 December.