Churchill once said: “Success is the ability to go from failure to failure without losing enthusiasm.” For sure, it is one of our CEO’s favorite one-liners and definitely true when we look back to our journey in getting an ISO 27001 certification.
Our ISO Journey
Becoming ISO certified is all about focus and priority. It was on our wish list for a long time, and we are sure about at least two leads which we lost because we did not have the certificate yet. But if there is no real need, the certification process tends to fall off the wagon, which it did time and again over the last years.
So, we needed a mandatory requirement, an imperative incentive from one of our customers to finally go for the certification journey. Even for the bigger companies, it is hard to stay on top and get focus and priority to achieve the certification, so you maybe you can understand what it meant for our company, where everything is always important and have to be finished yesterday. This is a normal day at the office and we are quite good in dealing with it, but the ISO is coming with a structured way-of-working which you just have to find out how it works, -on top of your normal tasks.
Achieving Certification: A Milestone for Our Company
But in the end, we succeeded. We started last year in October and after one year of thorough deep diving into the requirements, some really nice professional help, from the bottom of my heart, I can say: WE FINALLY DID IT!
On the 4th October we achieved the ISO 27001:2022 certification with the scope: “Information security related to monitoring and maintenance of infrastructure.” We have achieved it for both locations in NL and Spain and we are truly, really proud that we did it.
When starting this journey, everything is about being in control. That is what our CEO tend to tell our customers too, that we should be in control. And being in control does not mean that everything is mitigated, that all risks are reduced, but that you know your vulnerabilities so you can make a weighed decision on whether to take the required measures to reduce the risks.
Maybe it costs too much, maybe it is not so important after all, but we are aware, and we can make a well-founded decision. And that is what we have achieved. It is not only about getting the certificate, but it is about being in control.
We are in control now.
Special thanks to:
– Dominique Kindt from Birdseye to give us the final push.
– Lauren ten Wolde and Edward van Deursen from SECURESULT for the first audit.
– Mischa van der Vliet from AudITvision for sharing your knowledge and guiding us through the internal audit.
– Daan Koot from Brand Compliance B.V., who was (and still is) our external auditor, for your patience and professionalism.
– our LinProfs Team for your understanding, for the support throughout the whole process and accepting the ISO way-of-working.
And finally, our special thanks to our Security Officer, Iulia. This would not have been possible without her perseverance! We have been going through this journey together, but without her effort and willingness to get things done and get it done in the right way, we would not have achieved this. Our journey together continues.
Comments are closed