Security and Risk Management
There is an increasing demand for certification against security management standards. However, there are ample reasons for wanting to comply with such standards without becoming certified. Nearly all standards are based on a Plan-Do-Check-Act (PDCA) cycle, also known as a ‘Demming cycle’.
This continuous improvement cycle is the basis of several management systems. Our consultants have helped numerous organisation become certified. The ISO27001 standard is in most cases the chosen standard, and is also the standard from which other standards have been derived such as the NEN7510 standard (healthcare), the BIWA (Dutch Waterships), and the governmental BIR standard. We do not perform the certification audit in those cases, but help your organisation become certified.
Another topic we can assist your organisation with is the implementation of a risk management program. This is often placed within the context of a broader compliance issue. We use international standards for risk management such as ISO27005 or Management of Risk (M_o_R). Our consultants will assist your organisation with the implementation of these security- and risk management standards.