Implementation of ISO 27001 certification

With practical and expert advice and support from Axxemble, you can quickly and easily implement information security according to ISO 27001 or NEN 7510 within your own organization.

 

Our implementation approach for an ISO 27001 or NEN 7510 certification consists of the following steps:

  • Establish context, scope, stakeholders and objectives
  • Analyse the context: processes, information systems, suppliers, etc.
  • Gain insight into risks based on a risk analysis (or several)
  • Implement required measures complemented by relevant best practices
  • Implementing the GDPR (processing register, etc.)
  • Increase awareness among employees (including training)
  • Implement internal control and internal auditing
  • Preparation and organisation of operational planning
  • Preparation for certification through a pilot audit
  • Planning and conducting certification audits

Determining the objectives and stakeholders

Online tooling

During implementation, we use Base27, the online ISMS with which you can get started right away. The implementation plan is ready and all tasks and required data are immediately collected in a well-organised way.

Axxemble's support in this includes:

  • Onboarding / kick-off (including introduction to the standard and Base27);
  • Biweekly progress meetings (online);
  • Conducting a pilot audit in preparation for certification;
  • Additional workshops in areas such as:
    • Conducting one or more risk analyses;
    • Internal control / auditing;
    • Setting up operational planning;
    • Staff training / awareness;
    • Setting up monitoring and measurement.

Which parts you can do independently or want support with is entirely up to you. Of course, everything can be done via online consultation.

Free initial assessment for obtaining your certification

Information security is an increasingly important aspect for almost all organisations. With an ISO 27001 or NEN 7510 certification, an organisation demonstrates that it meets the specified requirements.

These standards specify requirements for establishing, implementing, executing, controlling, assessing, maintaining and improving a so-called Information Security Management System (ISMS).

This includes all measures and tasks to have information security in order. Examples include:

  • Establishing clear policies regarding information security;
  • Achieving strong access security;
  • Regularly patching and updating the software packages in use;
  • Making staff aware of the risks;
  • Making the right contractual agreements with suppliers, partners and employees.

It is a long list in which you quickly lose overview and structure. Axxemble and its partners can help you with a fast and cost-effective implementation.

Request a free initial assessment now and get insight into your current status and the required commitment/costs for implementing certification.

Consultancy and/or support?

Need consultancy and/or support on implementing proper information security?

 


Policy framework for implementation

Axxemble distinguishes itself by immediately providing overview and structure during implementation by using a standard framework, Base27. This provides not only easy collaboration, maintaining overview, etc., but also a standard policy framework (templates).

The implementation uses Base27, the online software tooling, and provides a framework that is customised for your organisation. 

Because the framework (an ISMS: Information Security Management System) already provides best practices for information security, you can start immediately and spend time effectively on what is actually needed for your organization. In this way, you will be ready for an audit or certification within a few months.

The technical measures can be implemented by your own employees, possibly in cooperation with or with support from Axxemble. If required, Axxemble can perform a penetration test for you to test these measures against known vulnerabilities.

Ongoing support

Information security is a continuous process. Axxemble, together with its partners, therefore offers you ongoing support in the field of information security even after implementation by, among other things:

  • Implementation of internal audits
  • Workshop risk management
  • Penetration testing on your own environment
  • Online awareness training for staff

 

The various components can be purchased as needed. Axxemble is your partner for a safe future and takes work off your hands where it can.