EN 
NL 
DE Certification path
The certification process has a number of logical steps. In the visuals below, we explain this step by step. If you still have specific questions about what this means for you, or if you want to know when the audit is possible in terms of planning, please let us know. We will answer your questions quickly.
- Your audit starts when it suits your organisation
- Personal guidance throughout the certification process.
- Sharp prices
More than 500 organisations have already gone before you.
The certification process explained
The optional pre-audit
During the Pre-audit, we check whether you are ready for certification. What is the status of the management system? Are there any issues that may not be in order? Together with you, DigiTrust can determine which topics should be covered during this pre-audit. We also determine the duration together. Usually this is between 2 and 4 days for a good picture of the management system and all control measures. After each pre-audit, DigiTrust provides you with a clear audit report, detailing where you may not yet be working in accordance with the ISO 27001 standard requirements.
Tip; this is a frequently chosen option. It allows you to really start the process and immediately get a good idea of where you stand as an organisation. Also read our ISO 27001 checklist for more information.
Initial certification
DigiTrust tests whether the system works and functions according to the requirements from ISO 27001. This assessment also includes the review of all operations at your office as well as at the implementation site. The initial certification consists of 2 parts. The phase 1 and phase 2 audit.
During the phase 1 audit, we take an outline look at your management system (ISMS) and whether you are really ready for the phase 2 audit. We will also create the audit plan together for the phase 2. Who do we need when.
During the phase 2 audit, we test the ISMS and all management measures.
Phase 1 certification process
During the phase 1 audit, we take an outline look at your management system (ISMS) and whether you are really ready for the phase 2 audit. We will also create the audit plan together for the phase 2. Who do we need when.
Phase 2 certification process
During the phase 2 audit, we test the ISMS and all management measures.
Issue certificate
In case of a positive assessment, the auditor will nominate the organisation for certification. The certification manager will do a quality check on the file. If everything is in order, you will receive the ISO 27001 certification.
Control 1
During the term of the certificate, which is usually three years, DigiTrust will conduct an annual surveillance audit. During a surveillance audit, we take a sample on the various standard elements. In case of a positive assessment, the current certificate will be continued.
Control 2
DigiTrust will visit about three months before the certificate expires for the reassessment. This assessment is of the same scope as the one at step 2 and should ensure that if the result is positive, the certificate is renewed for another three years.
ISO 27001 certification costs
A frequently asked question is: what is the cost of ISO 27001 certification? Basically, this always depends on various criteria, so we cannot give an unequivocal answer. Consider, for example, the size of your organisation and thereby the number of audit days required. Want to know more about ISO 27001 certification costs or at all about the investment required for a review audit to assess your ISO compliance? Read more here.
- Read more about the certification process:
- Certification path
- Information security standard
- Pre-Audit
- First phase assessment process
- Second stage assessment process
- Recurring evaluations
- Triennial reviews
- Report
- Certification
- Buy standard
![logo-zl-concern[1]](https://www.digitrust.nl/wp-content/uploads/2025/02/logo-zl-concern1-300x90.jpg){kind=logo}
![cmyk-Logo Cura Mare [top]](https://www.digitrust.nl/wp-content/uploads/2024/09/RGB-Logo-CuraMare-300x45.jpg){kind=logo}
Questions about a Certification path or curious about the possibilities?
Our specialists will be happy to tell you more about it. Call us at 088-224 56 00, please email us at sales@digitrust.nl or use our online contact form. We will be happy to visit you for a no-obligation introduction.
More than 300 organisations have already gone before you.