Risk management, security and privacy within education

Society, and thus education, is digitizing and with it digital risks are increasing. Data of pupils, students, parents and employees must be well protected. How digitally resilient are we really? And are we doing the right things to become more resilient? To achieve effective and efficient protection, good risk management is essential. Knowing what unacceptable risks you face gives direction to the implementation of your information security and data privacy. You can only use your capacity and spend your money once.

Play video

Perium explained in 2 minutes.

Information Security Policy

Educational institutions are increasingly aware of the need to regulate information security and privacy properly. Sector organizations and sector councils are drawing attention to this and administrators can be called to account by supervisors if, for example, no information security policy is available. Administrators are ultimately responsible for the security and privacy of (personal) data. Targeted steering and monitoring by the board and management is of great importance. The government insists on periodic security audits, performed by external parties.

To demonstrably get and keep your risk management, information security and data privacy in order for your educational institution, there are fortunately several best practices available. For example, Kennisnet has published the IBP (Information Security and Privacy) Approach, which is based on ISO27001 and ISO27002. This standard states how organizations can manage their digital risks and which security measures can be taken, in the areas of policy, organization, ICT, personnel and building management. This provides an excellent structure and footing.

Approach to IBP

Perium has included relevant best practices in its platform especially for education. For example, validated digital risks are linked to the management measures of the IBP Approach. The deployment of this IBP Approach in combination with the use of Perium offers an educational institution many advantages such as working efficiently, reduced audit burden and being demonstrably in control. Other standards such as ISO27001/27002 also offer these advantages. A nice addition to these standards is the ISO27701. This is the standard in the field of privacy protection and helps you become compliant with the AVG/GDPR (data privacy).

Whatever standard you choose, Perium offers optimal support. You get a grip on your (digital) risks and the mitigation of these risks using your control measures. Our platform gives you real-time insight into your risks, control measures and improvement plans. This allows you to be efficiently and effectively in control and to perform security audits faster and cheaper.

Getting started quickly and easily

If you try our trial version for free and without obligation, you will immediately notice that the platform works intuitively. We offer templates you can use right away.

Many risks and measures have already been identified. Perium has already prepared these risks and standards for you. No need to reinvent the wheel. And does your organization have specific risks? You can add those in a minute.

Once you get going, you keep going. Your organization's resilience improves every day thanks to the built-in improvement cycle.

Request a Perium Free Trial account


The ISMS (Information Security Management System) drives your information security activities. It ensures a continuous improvement process using the PDCA cycle. Besides the ISMS (ISO27001), Perium also includes other relevant management systems such as the PIMS (Privacy Information Management System) or the QMS (Quality Management System), the quality system according to ISO9001.

Are you facing the challenge to bring information security to a higher level and meet the IBP Approach and also be compliant with the AVG/GDPR, then our platform also offers the principles of the AVG/GDPR in combination with the ISO27701 standard. In combination with the IBP Approach or the ISO27001/27002, you thus create one environment with an ISMS and/or PIMS for improving information security and data privacy. With the help of the PDCA cycle in Perium you come and stay demonstrably in control.

With the Perium platform, you get:

Perium can also be easily deployed for risk management in other areas such as strategic, financial, outsourcing or for specific processes or projects.

Do you also want to manage your risk management in a well-organized way? Feel free to ask for a free demo so that Perium can also optimally support you and your organization.