Ondertekening GRC-applicatie
News

GRC application available through SURF in December

On 16 October, SURF and MBO Digitaal signed the framework agreement to provide GRC application through TrustBound. This tool helps identify security risks and describe appropriate measures. With this application, institutions can work (together) more conveniently and learn from each other. Institutions will be able to purchase the application via SURF in December.

The signing is the result of a careful preparation and tendering process led by SURF. This started with drawing up a programme of requirements appropriate for the entire education sector, because in addition to higher education, secondary schools can also purchase the application via mbo-digitaal. The tendering procedure was published in June 2023 and the contract was provisionally awarded to TrustBound at the end of August. This was followed by a 'Proof of Concept' period, during which TrustBound demonstrated that its GRC application actually meets the programme of requirements.

What does the GRC application do?

GRC stands for Governance, Risk and Compliance. The primary purpose of a GRC application is to support the quality management process around information security and privacy. It helps to identify security risks and describe appropriate measures. This gives IBP officers and responsible managers and board members an up-to-date picture of the institution's information security maturity so that they can focus on risk mitigation measures. By introducing a uniform GRC application, institutions can work (together) more conveniently and learn from each other.

Available via SURF in December

SURF will now set up the GRC application as part of SURFaudit so that institutions can start using it in December. If you are interested in the application please contact SURF.

Read more about the GRC application