Have all measures for information security been taken?
ISO 27001 is an international standard that aims to ensure information security through policies, procedures, and controls, with an emphasis on the confidentiality, integrity, and availability of information.
Naturally, a web development team must ensure proper information security. This includes keeping everything up to date, monitoring, creating backups, implementing secure passwords, MFA, DTAP, etc. Fortunately, we already had a lot in place.
However, along the way to this certification, we were made aware of several areas for improvement. These have since been improved, and/or the (plans for) improvements have been approved by the independent auditor.
Establishing the ISMS (Information Security Management System) was a significant investment in both time and money, but we are proud that, thanks to this work, we are now formally certified for ISO 27001:2022. 🥳.
Our thanks also go to Frank van Keulen, our external Information Security & Privacy Advisor, without whom this would have been a lot harder!
