Jump to navigation
Jump to main content
Select your language
Become a member?
Questionnaire Information Security - 2021
First name + last name
We can put you in contact with the CIO Platform Nederland via your known e-mail address.
What is your role irt Information Security?
I am CxO, though ultimately responsible for information/cyber security
I am CxO not ultimately responsible for information/cyber security
I am ultimately responsible for information/cyber security, but not CxO
I am working in the information/cyber security department
Main concerns regarding information security/cyber security (IS)
Select up to 3 answers for each question.
1. Organisation, set-up, verifiability of own organisation.
2. Inadequate classification of information.
3. Lack of security policies and resources tailored to classification level.
4. IS still not a responsibility of the business (awareness).
5. IS not sufficiently connected to agile application development.
6. Limited grip as IS officer on the purchase of applications or devices by the business.
7. Lack of overview of coherence and dependencies of the systems used.
8. Growing complexity and decreasing relevant knowledge.
9. Knowledge disappears from still important systems, how to handle knowledge management.
10. Lack of redundancy in systems.
11. Not being able to implement changes in laws and regulations in the systems in time.
12. Unaware/incompetent users.
13. Insufficient IB staff to cope with the work.
14. Lack of security event management.
15. Lack of crisis management.
16. Use of private and mobile devices by employees.
17. Too little practice in procedures in case of incidents.
18. Too little supervision and support on the correct use of systems in connection with working from home.
19. Security underexposed in data governance.
20. Too little budget to organise all adequate IS efforts.
21. There is too little board involvement in IS.
22. Insufficient insight into return on investment in IS.
External with whom you have a relationship
1. No insight into IS level of suppliers.
2. No insight into third-party dependencies and/or the security level of chain partners
3. Limited liability of suppliers for insufficiently secure products and services.
4. Limited / no support from suppliers for (older) systems/applications.
5. Inadequate patch management by suppliers (mutual coordination and dependence).
6. Insufficient up-to-date information about vulnerabilities and incidents.
7. No clear contractual agreements & co-operation on IS.
8. Lack of clarity in importance of third party information/data for our systems.
9. No contractual agreements about handling or reporting of security incidents.
10. Insufficient grip on IS in case of outsourcing, how to gain certainty about the actual security level.
11. Insufficient grip on GDPR compliance in case of outsourcing.
12. Insufficient grip on IS with 'from the Cloud' service provision (including SaaS, PaaS).
13. Insufficient exercise of cyber incidents with chain partners.
14. Insufficient alternative providers to switch to safer providers
1. Entanglement of agencies involved in regulation, supervision and support of IS.
2. Reliability of supervisory bodies (i.a. Data Protection Authority); are they competent and do they take up their role properly?
3. Reliability of supervisory authorities; clarity about the scope of the controls.
4. Sharing information about (potential) threats/incidents and reporting on their handling.
5. Sensitivity to and dependence on foreign governments.
6. Cyber espionage, theft of trade secrets.
7. Cybercrime and lack of awareness of the risks.
8. Inadequate tackling of cybercriminals.
9. Vulnerability of intercontinental physical infrastructure.
10. Identity fraud, both for private and business identities.
Which threats are you most worried about at the moment?
Man in the middle attack
Data breach/data theft
From which corner do you expect the most important/most serious threat to your organisation?
Missing in this questionnaire is:
Board & Bureau
CIO Platform Nederland
2516 AB Den Haag
Coordinated vulnerability disclosure
© Copyright 2022 CIO Platform Nederland
Board & Bureau
Digital Strategy & Innovation
Become a member?