First phase assessment process

We start the assessment process with a comprehensive explanation of DigiTrust's certification approach, so that you know what aspects are covered in the assessment and how we can work together in it.

During the first phase, we provide a comprehensive explanation of DigiTrust's approach. We get to know your organisation, management and information security management system. The information security policy, quality objectives, customer focus and the path to continuous improvement are discussed. Management review minutes and analyses following internal quality audits and complaints are reviewed with you. Finally, the quality manual, procedures and process records are verified.

Objective of the first phase is:

1. verifying to DigiTrust the organisational data you have provided;
2. Examine whether your information security management system contains all the elements required by the standard;
3. verify that the information security management system is ready for implementation review (the second phase of the assessment process);
4. discussion and review of your rationale for any exclusions from standards paragraphs.

The assessment takes place at your office. Based on the findings, we draw up a detailed programme for the second phase of the assessment process in consultation with you. Based on this programme, employees can be informed and prepared.

Want to know more about the steps of an ISO 27001 and/or NEN 7510 certification? Call DigiTrust's specialists on 088-2245600 or mail info@digitrust.nl.