EN 
NL 
DE Information security standard
DigiTrust is happy to help your organisation achieve your desired certification and is the expert on information security in the Netherlands. Assessing your information security management system is our core business. We have our own team of auditors, who look closely at the context of your organisation.
- Your audit starts as early as one month.
- Personal guidance throughout the certification process.
- Sharp prices
More than 300 organisations have already gone before you.
"ISO certification is an objective system based on best practices."
Explanation of ISO 27001 and ISO 27002
The Code for Information Security provides a comprehensive set of measures for proper implementation - best practices - of information security in industry and commerce. The Code is the starting point for establishing the necessary security measures and can be used in large, medium and small organisations.
ISO 27001 is part of the ISO 27000 series with the main parts being:
- ISO 27001 - information security management system requirements;
- ISO 27002 - code of conduct for information security management;
- ISO 27003 - implementation guidance information security management system;
- ISO 27004 - information security statistics and measurements;
- ISO 27005 - information security risk management;
- ISO 27006 - requirements for auditing and certification bodies for information security management systems
ISO 27000 is maintained by the International Organisation for Standardisation (ISO) and managed by accreditation and certification bodies. The standards are revised every few years to keep them up-to-date. In October 2013, both ISO 27001 and ISO 27002 were revised.
ISO 27001 is the standard for information security. This international standard applies to all types of organisations - commercial enterprises, government agencies and non-profit organisations alike. The standard sets clear requirements for establishing, implementing, executing, controlling, assessing, maintaining and improving a documented information security management system.
The standard specifies requirements for the implementation of security measures tailored to the needs of individual organisations or parts thereof. The management system is designed to ensure the selection of adequate and proportionate security measures - which protect information and provide confidence to stakeholders.
ISO 27002 This international standard provides guidelines and general principles for initiating, implementing, maintaining and improving information security in an organisation. The objectives described in this international standard provide guidance on generally accepted information security goals.
The management objectives and management measures of this international standard are intended for implementation in order to meet the requirements identified in a risk assessment. ISO 27002 can serve as a practical guide to establishing security measures and effective information security management for the organisation, as well as to build trust in relationships between organisations.
You can order these standards from www.nen.nl or view a preview here.
Want to know more about the steps of an ISO 27001, NEN 7510 and/or ISO 9001 certification?
Call DigiTrust's specialists at 088-2245600 or mail info@digitrust.nl.
title 2
b
- Read more about the certification process:
- Certification path
- Information security standard
- Pre-Audit
- First phase assessment process
- Second stage assessment process
- Recurring evaluations
- Triennial reviews
- Report
- Certification
Title 5
a
Questions about ISO 27001 or curious about certification options?
Our specialists will be happy to tell you more about it. Call us at 088-224 56 00, please email us at sales@digitrust.nl or use our online contact form. We will be happy to visit you for a no-obligation introduction.
More than 300 organisations have already gone before you.