Status message
Masterclass Review Framework Information Security
In this master class, you will learn about the 2021 Assessment Framework (SURFaudit NBA model) so that you can properly carry out an assessment, for example in the context of the benchmark. With inspiring in-depth sessions and keynotes, you will be well prepared when you start working with the assessment framework.
- 30 — 31 May 2023
-
Time30 May 10 am - 31 May 5 pm
-
LocationSURF office, Utrecht
Background
In higher education and mbo, the NBA Maturity Model for Information Security is used as the basis for the assessment framework for the information security benchmark.
Getting started with the Information Security Assessment Framework
The Information Security Assessment Framework master class will help you make the transition to this new assessment framework, and is also interesting for FGs, privacy officers and auditors. Under the guidance of expert Ludo Cuijpers, you will work hands-on with the statements from the NBA assessment framework. There is plenty of room to exchange experiences and discuss good practices with each other. In addition, inspiring keynotes and in-depth sessions are scheduled by various experts. In between, there will be plenty of opportunity for informal contact.
Programme
During the four sessions, we will discuss all fifteen domains of the NBA model. Below is the outline of the programme.
Tuesday
| 10.00 |
General introduction to the NBA model and Benchmark IB (SURF / MBO Digitaal) |
| 10.15 |
Presentation on outsourcing and chain security (Niels Dutij, MBO Digitaal) |
| 10.30 | Short break |
| 11.45 | Presentation governance and HRM (Ludo Cuijpers, ROC Nijmegen/ HAS green academy) Domains NBA model covered: Governance, Organisation |
| 13.00 | Break + lunch |
| 14.00 | Presentation governance and HRM (Ludo Cuijpers, ROC Nijmegen/ HAS green academy) Domains NBA model covered: Risk Management, System Development, Physical Security and Data Management |
| 15.30 | Break |
| 15.45 | Risk management presentation (Maurits Toet, IT auditor Cerrix) Domains NBA model covered: Identity & Access Management and Assurance (Governance domain) |
| 17.00 | Dinner |
Wednesday
| 10.00 |
Security management presentation (Hub Gerats, Fontys University of Applied Sciences) |
| 13.00 | Break + Lunch |
| 14.00 - 17.00 |
Presentation configuration management, incident/change management, ITIL processes (Hub Gerats, Fontys University of Applied Sciences) Joint closing, exchanging experiences and conclusions |
Registration and cancellation
Register for this master class no later than 23 May.
Registration is not free of obligation; please read the cancellation conditions for SURF meetings.
Number of participants
The maximum number of participants is 15; if there are fewer than 10 participants, the master class will not take place.
Costs
The costs are 500 euro per participant (excluding VAT). SURF will arrange the registration of the masterclasses. The SURF registration system only accepts direct payment (iDeal or credit card). After completing your registration, you will receive an e-mail as confirmation with the invoice attached.
Can't make it on this date?
This Masterclass will also be given on 20 September as a one-day online Masterclass and on 2 and 3 November as a two-day Masterclass. If you want to know more about these master classes, press one of the buttons for more information