EN 
NL 
DE 
Information security is important, especially when working with customer data. Marketing agency spotONvision fully agrees. The company therefore decided to obtain ISO 27001 certification through DigiTrust.
The run-up to the audit for the ISO 27001 certificate can be quite intensive, noticed Mariëlle Meijwes, senior marketing programme manager at spotONvision. "We started preparing last year and then it's all still quite abstract. But the closer you get to that certification audit, the more concrete it becomes. This process has allowed us to connect the dots in all our processes.
"With 16 employees, we are not very big. A four-day audit like that is quite a drain on your schedule," Meijwes continues. But we were particularly looking forward to the moment we would be officially certified. A confirmation to our customers that we take information security very seriously."
For the team, it did prove exciting. "Since it is about information security, we trained the whole team and took them through the company's procedures and processes. Everyone has to follow the rules. You are questioned about that during such an audit and the employees found that quite exciting."
The audit
Before the audit gets under way, a tender is issued. "We looked at several parties and received proposals from all of them," Meijwes says. "The methodology of those companies is of course the same, but it is important to us that, as a small agency, we are not lumped together with large companies, which deal with different security issues. The pragmatism is very important to us, which is why we chose DigiTrust."
The first phase of the audit then took place in January this year. "In that first phase, it tests whether you are ready. In it, you run through all the different standards requirements, to see if you haven't forgotten anything. This showed that we could move on to the second phase.
The second phase, at the end of February, was the test of the operation and demonstrability of the management system within spotONvision. Among other things, it looked at our information security policy, the risks and our measures to address them, procedures, internal audits and the management review. The good check on the current set-up also gave us a lot of inspiration to improve our information security management system (ISMS) even more.
Certification
In March this year, spotONvision received its ISO27001 certification from director Marco Bijl. "I really like the fact that Marco came personally for that. It's a nice moment to finalise it and celebrate the success with the whole team."
Meijwes looks back positively on her experience with DigiTrust she says. "The process was very pleasant and went very well. I think that is mainly due to the way Marco handled it, also in the communication towards us. He is quite pragmatic and understands what is important in a company like spotONvision when it comes to data security."
Meijwes would therefore definitely recommend DigiTrust to others for their certification. "They provide good guidance on the certification process itself and are pragmatic during the audit itself. That is very important for us."
