Improve your organization’s digital security with the Comply or Explain principle

Comply or Explain

Did you know that the government maintains a list of open standards that governments are required to follow and that are also highly recommended for companies and organizations? This list, known as the Comply or Explain policy, contains standards that contribute to more secure, interoperable and future-proof ICT systems.

Following these standards is not only smart for governments, but certainly also for entrepreneurs and businesses that take their digital security and compliance seriously.

What are open standards?

A standard is a documented agreement. When ICT systems exchange data with each other, they must follow the same standard to work well together.

According to the Standardization Forum, standards are “open” if they meet these requirements:

  1. The required documentation is freely available (free or for a reasonable fee).
  2. Anyone may use the standard freely, without restrictions by property rights.
  3. There is adequate participation in the (continued) development of the standard.
  4. The organization managing the standard is independent and sustainable.

By following open standards, you promote unambiguous and secure digital data exchange between governments, businesses and residents, and limit risks such as data breaches and cyber threats.

What does the Apply or Explain principle mean?

Through this policy, the government encourages the use of open standards. In a nutshell:

Apply

Government organizations are required to apply the listed open standards in new ICT procurements. They must require suppliers to support these standards.

Explain

If an organization cannot apply the standard (for example, due to technical limitations), it must provide a reasoned explanation as to why it cannot.

Why is this also important for your business?

For companies, there is no legal requirement (yet), but following these standards offers tremendous benefits:

  • Stronger security of your systems and data.
  • Increased trust from customers and partners.
  • Preparation for possible future obligations from laws and regulations.
  • Competitive advantage in tenders, especially when working with government agencies.

Why not voluntarily comply with standards that are proven to contribute to safer and more reliable operations?

We also offer you the possibility to use the open standards discussed in this document, such as SPF, DKIM and DMARC for your e-mail. This increases the security and reliability of your e-mail communication and reduces the risk of phishing and spoofing. For more information, check out this page.

Does this guarantee complete security?

Unfortunately, no. 100% digital security does not exist: human error, new threats and technological developments always play a role. But by applying the right standards, you show that you take security seriously and significantly reduce risks.

Security is a process, not a final destination. Applying open standards helps you work structurally and proactively to create a robust digital environment.

Conclusion

As a company, you are not required to follow the Comply or Explain list, but it is a strategic and valuable step toward better security and professional digital services. Sometimes standards seem complex, but often they are easy to implement with the right guidance.

Do you want to know which standards your organization can apply immediately? Or would you just like to exchange ideas about the possibilities to improve your digital security? Feel free to contact us for an informal meeting. Together we can make your organization digitally stronger!