Information security is essential to doing business. More and more business partners and suppliers of all sorts of organizations are concerned about the security of their information. An ISO 27001 certification can help take away those concerns. ISO 27001 supplies the norm for an information security management system, which helps organizations define the activities for managing their information (security) risks. We guided Hillbrook before and during the certification process, which resulted in them obtaining an ISO 27001 certificate without any remarks from the external auditor.
In February 2018 Hillbrook reached out to Nerd as a Service via a mutual acquaintance. Hillbrook’s growing customer base, the size of their customers, and their requirements came with an increased burden with regard to information security and the associated reporting requirements towards their customers. With the introduction of the GDPR in 2018 on top of that, Hillbrook asked us for input on how to handle these “growing pains”.
Acquiring a form of certification was expected to make it easier to fulfil the requirements of these clients. After a short period of deliberation it was decided that Hillbrook was to pursue ISO 27001 certification.
During the following months, Nerd as a Service drafted a tailored information security policy for Hillbrook, thereby codifying the information security management system as outlined by the ISO 27001 norm. In the months after that, Hillbrook received assistance with all required formalities that were defined in this policy. Ultimately, an external auditor decided that all defined processes and policies were in compliance with the norm and decided to grant Hillbrook their ISO 27001 certificate.
There are a lot of organizations that don’t have the technical knowledge or resources to understand the complexity of their own infrastructure. That is why we try to help organizations by explaining it in a way that suits the organization’s technical level.
In this case, we also helped the Hillbrook management team understand the complexities of their in-house hardware setup.
“Jeroen helped us to understand our technical infrastructure by explaining the complex technical details of it. He explained it in a way that everybody (even non-tech) could understand.”
Lyke Apontoweil, partner at Hillbrook
The goal of certifications is to professionalize organizations. Many markets are highly competitive, and having this kind of certification can make you stand out from your competition.
“Because of the pragmatic and competent way of working we were able to make big steps in professionalizing our organization.”
Mirjam Hasselt, Office manager at Hillbrook
Professionalization can be a bit of a boring process. But everyone who knows us knows we don’t do boring. The participants from Hillbrook described our way of working as not only professional and pragmatic: “The collaboration was informal, enjoyable and reassuring as well. Jeroen knows what he is talking about, which resulted in a mutual trust.”
Could you use our help with ISO 27001? Sure! Give us a call. We will help you through the whole process, just as we did for Hillbrook.