Last week BIT underwent its triennial recertification audit for ISO 27001 and NEN 7510. And with success, because BIT has been nominated for recertification for both norms!
ISO 27001 and NEN 7510
ISO 27001 is the international norm for information security, for which BIT has been certified since 2011. NEN 7510 is the national norm for information security in healthcare, for which BIT has been certified since early 2016. Both norms set requirements for an organisation in areas including identification and risk management, handling (information security) incidents, calamities, physical and logical security, and the continual improvement of information security.
Our affairs are in good order
For four days, an auditor from DEKRA talked to several of BIT’s employees, looked at documentation and inspected the datacenters. The conclusion, as we expected, was that we have our affairs in good order. No deficiencies were identified, so BIT will be nominated for recertification for both norms. This means that from 1-1-2017, we will be recertified for three years. Every year an interim check will be performed by means of a shorter surveillance audit to see whether BIT still performs to the required standards, and after three years a full recertification process will need to be carried out.