ISO 27001 Information Security Management System
ISO 27001 Information Security Certification with Kiwa: secure your information, build trust in your brand.

We test, inspect, certify and train your organization to handle information securely. This includes penetration testing, ISO 27001 and NEN 7510 certifications. You’ll stay up to date and compliant with the latest laws and regulations, while providing clients and customers the confidence that their data is safe.
✓ One-stop-shop: services for OT, IT, and IoT under one roof
✓ Independent, objective assessments
✓ Expertise in laws and regulations
✓ Proven quality in testing, inspection, certification and training
✓ Forward-looking vision on cybersecurity
Kiwa was the first in the Netherlands to have a NEN 7510 accreditation and has a great deal of experience with regard to the NEN 7510 certification.
To ensure that pentest providers deliver high-quality work, the Dutch Centre for Crime Prevention and Safety (CCV) has developed the Pentest Certification Mark. Kiwa contributed to its development and has been designated by CCV as an independent body for the evaluation and certification of this scheme.
ISO/IEC 27701 – an extension of the ISO 27001 standard – contains specific management measures for the protection of privacy-sensitive information. Based on ISO 27701, organisations that already work with an Information Security Management System can upgrade their system to a Privacy Information Management System.
Our experts have deep knowledge and experience in specific fields. Questions, dilemmas, or just curious? We’re happy to share our insights.
Kiwa is now officially accredited for EN 18031 parts 1, 2 and 3 – the newly introduced European cybersecurity standards for products. This accreditation positions Kiwa among the first bodies in Europe to support manufacturers in meeting the requirements of the upcoming EU Cybersecurity Regulation, which becomes mandatory as of 1 August 2025.
The Cyber Resilience Act (CRA) is the first European law to introduce mandatory cybersecurity requirements for all digital products entering the EU internal market. A national consultation was recently concluded in the Netherlands to determine how this law should be implemented in Dutch legislation. In the meantime, manufacturers, importers and distributors of products covered by the CRA can already start preparing for what’s to come.
The NEN 7510 standard for information security in the healthcare sector has been revised. The new NEN 7510-1:2024 was published on 16 December 2024 and replaces the previous version, NEN 7510:2017+A1:2020. The old version of the standard can still be used for certification under accreditation until 20 February 2027.
To implement AI safely and responsibly, international standards such as ISO 27001 and ISO 42001 play a crucial role. While ISO 27001 focuses on data protection, an AI management system (AIMS) under ISO 42001 is designed to manage and optimize the use of AI within an organization. By combining ISO 27001 and ISO 42001, businesses can develop a stronger and more proactive approach to information security.