Organizations with a (web) application that use a DigiD connection point must annually carry out an ICT Security Assessment (DigiD assessments / DigiD audit) commissioned by the Ministry of the Interior and Kingdom Relations. An assurance audit must be carried out by an RE (Register EDP auditor) on the basis of the Logius standards.
Secura has been carrying out the annual audit that Logius requires for its customers for many years. In doing so, we can also integrate the technical security tests (pentests) into the audit by using our security experts. This definitely provides efficiency benefits. Furthermore, as a client you only have to deal with one party that provides all the components of the DigiD assessments.
Watch the online DigiD webinar
In our approach, we distinguish the following scenarios:
- Preparing DigiD assessments
- Perform Pre-audit DigiD assessments
- Perform DigiD assessments
The DigiD assessments are annual audits that are not a daily work set for your organization. Our experience shows that with thorough preparation you can make the assessments run smoothly and reduce the risk of non-conformities.
Particularly in the case of a first connection audit, the emphasis is on gaining insight into the meaning of the standards and the associated control measures. The emphasis will also be on setting up the audit process. In subsequent years, the focus is on improvement measures, standardizing and optimizing the audit process. We use experienced auditors to guide you in this phase.
Do you need support with preparing and performing the DigiD assessment in your organisation?
Please do not hesitate to contact one of our experts on +3140 990 2377 or send an e-mail to firstname.lastname@example.org, to identify your needs and come up with a solution that seamlessly integrates with your question.
For more information see also our dedicated Dutch webpages about DigiD.