Customer case: SPL | As a start-up to an ISO 27001 and NEN 7510 certificate in 6 months

Collaboration between SPL and Fendix

SPL is an innovative player in the field of designing, building, managing and optimizing digital infrastructures. And, of course, a digital infrastructure must be secure. At the start of the journey in March 2023, SPL had only been in existence for 6 months. Yet they already wanted to take on the big challenge. After all, obtaining ISO 27001 and NEN 7510 certification helps companies reduce information security risks and prevent incidents. Fendix successfully took up this challenge with SPL: resulting in an ISO 27001 and NEN 7510 certificate in 6 months.

‍

The start of the project

Jelle van Onna became the designated consultant to guide SPL to success. "When I started at SPL, I became part of a team of six, working closely with the general manager, operations manager and security officer," Jelle says. So at that time, SPL had only been in existence for six months. Despite that, they were determined to meet ISO 27001 and NEN 7510 standards right away. SPL's determination not only provided a solid information security foundation, but also helped the organization get off to a smooth and organized start. The creation of the personnel manual is an excellent example of this.

‍

This is how the process went

Jelle was present weekly on Mondays, where he spent one to two hours with the project team and reserved another hour for individual sessions with team members to whom "homework" had previously been assigned. During these sessions, he was always available for questions via phone or email. In doing so, the approach was tailored to the needs of the organization. "The process went extremely smoothly while I myself was continuously present on site. The organization has fully implemented information security into its processes, with a structured approach to things like onboarding and project planning," indicates Jelle.

‍

The Final Leads

In July 2023, the first dress rehearsal was scheduled. Mathijs Oppelaar, also a consultant at Fendix, conducted the internal audit. The internal audit, a requirement from the ISO 27001 standard, is an examination of the proper and reliable functioning of the business processes and ways of working. Based on an audit schedule, all components are assessed and tested. After making the necessary improvements, it was time for the real work: the external audit took place in September 2023. This last hurdle was taken convincingly: with only 2 points for improvement and 0 shortcomings, the ISO 27001 and NEN 7510 certificate was a fact!

‍

Even more profits

The implementation of ISO 27001 and NEN 7510 has not only strengthened SPL's information security: it has provided a structured approach to the growth of the organization. Several key procedures and policies were established during the implementation. This ensured that the start-up was able to develop and professionalize at a rapid pace. So even more profits!

Do you also want to obtain your ISO 27001 and/or NEN 7510 certification and need help with this? Feel free to contact us. We are happy to tell you more about what we can do for you.  

‍

‍