SURFaudit benchmark: participate and see where you stand
How well does your institution take care of information security? The SURFaudit benchmark is a good way to see where you stand with respect to information security and privacy.
Why participate in the SURFaudit benchmark?
There are many reasons to participate in the SURFaudit benchmark. The most important ones are:
- Gain insight into the state of your information security and privacy protection
How does your institution handle information security and privacy protection? Is it under control? And how do you compare to fellow institutions and to your and our ambition?
- You contribute to the view of the entire education and research sector with respect to information security and privacy. That way we gain insight into trends and into our strong and weak points. We use that information to develop plans and initiate new joint projects to make the sector more resilient as a whole.
How does it work?
Each participating institution carries out the SURFaudit self-assessment. In the self-assessment you determine at which maturity level the controls are applied. Controls in the self-assessment method are grouped into the 6 clusters taken from the Standard for Information Security in Higher Education:
- Policy and organisation
- Staff, students and guests
- Rooms and equipment
- Confidentiality and integrity
- Monitoring and logging
This way we see which clusters need extra attention and which are in control for the sector as a whole.
Results of the benchmark
We process all scores entered by the participating institutions in a report that provides a sector-wide analysis of the results. We treat all scores confidentially and only share them with your own institution to show you where you stand compared to the sector as a whole.
Rapport SURFaudit benchmark 2019 (PDF, in Dutch)