
ISO 27001 certification - A solid base for information security
From 25 May 2018, the General Data Protection Regulation (GDPR) applies in all EU countries. The GDPR replaces the national privacy laws of the member states and ensures that the personal data of all EU residents is protected in the same way.
Privacy awareness
The GDPR revolves around greater awareness of privacy. For example, the GDPR prescribes risk analyses, processor agreements and, under certain circumstances, a data protection officer. By applying the GDPR, the EU is encouraging companies and institutions to deal more consciously and responsibly with privacy and personal data issues.
The ISO 27001 standard is used worldwide as a basis for information security. This standard contains requirements and guidelines for structuring information security, thus guaranteeing confidentiality, availability and integrity of information within an organisation.
ISO 27001 and GDPR
The ISO 27001 standard covers almost the entire spectrum of information security; however, its depth is limited when it comes to privacy protection. An ISO 27001 certificate is therefore not sufficient to comply with the GDPR. Kiwa’s GDPR certification service incorporates detailed privacy protection and so fills that gap. Organisations that already comply with the GDPR can derive added value from an ISO 27001 certificate, because information security is more thoroughly covered.
More information?
Kiwa has an extensive and diverse track record when it comes to ISO 27001 certification. In our product portfolio you will find more information about ISO 27001 certification by Kiwa, about ISO 27001 certification costs, the ISO 27001 certificate and the ISO 27001 audit. Would you like to know more about ISO 27001 certification, about the difference between ISO 27001 and ISO 27002 or about other aspects of data security? Please complete the contact form and we will be in touch.
Prepare with a pre-audit/GAP analysis
Are you planning to certify your organization according to a specific standard but unsure where to start? Or have you already implemented a management system in line with, for example, ISO 9001, ISO 27001, or ISO 14001, but you're uncertain if it fully meets the certification requirements? Discover more about our pre-audit/GAP analysis.

ISO integrates climate change into management systems
The International Organization for Standardization (ISO) took a historic step on 23 February 2024 by incorporating climate change into a wide range of management system standards. This means that climate change is now a mandatory component of no fewer than 31 system standards, including ISO 9001, ISO 14001, ISO 27001, and ISO 50001. The changes took effect immediately upon publication.

‘ISO 27001 gives us that crucial edge over the competition’
Dutch start-up Nedscaper provides Managed Extended Detection and Response (MXDR) services from the cloud. With this, the young company fully relieves customers when it comes to detecting and limiting cyber risks. Nedscaper also supports organizations that want to organize their own cyber security and provides compliance services. Lead compliance consultant Steijn Scheutjens explains how Nedscaper deals with digital information and recently saw its efforts in this area awarded with an ISO 27001 certification.

IT assurance reporting increasingly popular, but what exactly is it?
The growing number of requirements for information and IT security is prompting more and more organizations to demonstrate that they have done everything within their reach to comply with applicable laws and regulations and that they work according to recognized quality and information security standards. In addition to certification in accordance with the ISO 27001 standard for information security, an increasing number of organizations are opting for IT assurance reports such as ISAE 3402 and SOC 2.

Bug Bounty Security Testing
Want to gain insight into the cybersecurity of your internet-connected assets and applications? Kiwa and bug bounty security platform Intigriti proudly present their joint private bug bounty security testing service. This service makes it possible for you to organise (private) bug bounty programs according to your specific preferences.

In control of sensitive information with Kiwa's GDPR certificate
Do you want to demonstrate that your business operations comply with the General Data Protection Regulation (GDPR)? With a GDPR audit by Kiwa and the resulting GDPR certificate, you can show that you are in control when it comes to protecting sensitive privacy information.

ISO 9001 Quality Management
ISO 9001 is the international standard for quality management systems. Kiwa has extensive experience with ISO 9001 certification. With auditors active in a wide range of industries, we have all the sector knowledge needed to make your certification process a success.

NEN 7510 certification: take care of your confidential information
Kiwa was the first in the Netherlands to have a NEN 7510 accreditation and has a great deal of experience with NEN 7510 certification.

ISO 13485 Medical Devices
ISO 13485 is the medical device industry's quality management system (QMS) standard. The scheme specifies the requirements for a quality management system for medical devices.
