Risk management, security and privacy within housing associations

Security incidents are about more than IT and potential financial risks alone. Housing associations manage a lot of personal data, and safeguarding tenant privacy and confidentiality of information about people but also objects is essential. Media reports of data breaches and hacks are increasingly affecting housing associations as well.

Play video

Perium explained in 2 minutes.

Demonstrated digital resilience

Increasing regulatory burden and compliance requirements are adding to the burden of housing associations. Do you recognize this? Then our platform can help your organization with risk management and the design and implementation of information security and privacy protection through an ISMS and/or PIMS. A risk-based approach is essential in order to work efficiently and effectively.

Several surveys show that housing associations see the value and necessity of good risk management and want to be in control. Especially in the field of information security and privacy. The sector is working hard on further digitalization and of course this includes the necessary digital resilience. Internal and external regulators attach increasing value to optimal demonstrable digital resilience.

To get a handle on the risks and challenges facing the industry, a structured approach is indispensable. Risks must be related to appropriate control measures and a cyclical approach should lead to continuous improvement.

Baseline Information Security (Housing) Corporations

The BIC is the information security standard for housing associations. The goal of the BIC is to make the sector more digitally secure. Deploying the BIC offers housing associations many benefits such as working efficiently, reduced audit burden and being demonstrably in control.

Other standards such as the ISO27001/27002 also offer these benefits. A great addition to these standards is the ISO27701. This is the standard in the field of privacy protection and helps you become compliant with the AVG/GDPR (data privacy). Whatever standard you choose, Perium offers optimal support. You get a grip on your (digital) risks and the mitigation of these risks using your control measures. Our platform gives you real-time insight into your risks, control measures and improvement plans. This allows you to be efficiently and effectively and demonstrably in control.

Getting started quickly and easily

If you try our trial version for free and without obligation, you will immediately notice that the platform works intuitively. We offer templates you can use right away.

Many risks and measures have already been identified. Perium has already prepared these risks and standards for you. No need to reinvent the wheel. And does your organization have specific risks? You can add those in a minute.

Once you get going, you keep going. Your organization's resilience improves every day thanks to the built-in improvement cycle.

Request a Perium Free Trial account


The ISMS (Information Security Management System) drives your information security activities. It ensures a continuous improvement process using the PDCA cycle. Besides the ISMS (ISO27001), Perium also includes other relevant management systems such as the PIMS (Privacy Information Management System) or the QMS (Quality Management System), the quality system according to ISO9001. Do you have a challenge to be compliant with the AVG then we offer the ISO27701 as a standard. In combination with the IBP Approach or the ISO27001/27002 you create one environment with an ISMS and/or PIMS for improving information security and data privacy. With the help of the PDCA cycle in Perium you come and stay demonstrably in control.

Are you facing the challenge to take information security to the next level and comply with the BIC and also be compliant with the AVG/GDPR, our platform also offers the principles of the AVG/GDPR in combination with the ISO27701 standard. In combination with the BIC or the ISO27001/27002, you thus create one environment for improving information security and data privacy.

Using CORA as your reference architecture, you can define your process risks and link them to your control measures. With the help of the PDCA cycle in Perium, you will be and remain demonstrably in control.

With the Perium platform, you get:

Perium can also be easily deployed for risk management in other areas such as strategic, financial, outsourcing or for specific processes or projects.

Do you also want to manage your risk management in a well-organized way? Feel free to ask for a free demo so that Perium can also optimally support you and your organization.