Home  »  Media Centre  »  Case Studies  »  Risk Management & IT Governance

De Lijn optimises information security

 

Information security has evolved from a mere technical matter to a management priority. At De Lijn, security used to be a matter of taking technical measures. No strategy was defined and security used to be one of the multiple tasks of ICT managers. De Lijn had always considered security as a pure cost.

 

As information security received an increasing attention, in and out of the company, De Lijn started to realise that it was so much more. We got an idea of what we wanted to achieve, but it was not clear how we had to realise our mission. At that moment, we called upon the Telindus consultants. These consultants have taught us how we could turn a technical vision into a global risk management strategy.

 

We also learned how to manage security in a cost effective way through an independent analysis of our ICT infrastructure, departing from our business needs. Based upon this analysis and ISO27000, a policy was designed with a clear focus on return on investment. Our security processes are not only better aligned on our business need, but they also control our information risks, even out of the ICT scope. Thanks to the Telindus approach, information security at De Lijn has evolved form cost center to an essential part of a sound company policy.