BIO (Baseline Informatiebeveiliging Overheid) is the Dutch government's information security baseline applicable to all government organizations. It provides a structured approach to information security management tailored to the public sector.
BIO is based on ISO 27001 and ISO 27002 but includes additional measures specific to government requirements, such as specific handling of classified information and compliance with Dutch government policies. Organizations must demonstrate compliance with BIO controls.