in Dutch: Certificeringsschema informatiebeveiliging en privacy ROSA. This standard sets out agreements on the (basic) level of information security and privacy for applications used in education (primary education, secondary education, intermediate vocational education and higher education). It determines the level of Reliability, Integrity and Confidentiality of an application and prescribes the necessary measures on that basis (see Assessment Framework). In addition, this standard provides details on how this can be achieved (see Process). And how this can be tested (see Supervision). Educational institutions must be able to assume that personal data are processed securely by educational applications within education.