...

NFIR ISO9001 and ISO27001 certified

Content

After being certified for ISO27001 in 2020, we are now proud to add ISO9001 to our certifications. With the addition of this certification, NFIR demonstrates our ability to provide services that meet information security and quality requirements and desires of our customers. NFIR was audited for this purpose by BSI and a certificate was issued after a successful audit.

NFIR ISO9001 and ISO27001 certified

ISO9001 and ISO27001

NFIR has already been audited and certified for ISO27001 in 2020. At the time, an ISMS (Information Security Management System) was built to give the right interpretation to this. Within this ISMS, measures are secured to mitigate information security risks. By embedding these measures in the management system, NFIR as an organization gets a grip on the effective operation of the measures and can make adjustments if necessary.

NFIR also wants to be fully in control when it comes to quality. In fact, a high-quality and consistent delivery of our services is very important to NFIR’s customers. It doesn’t matter if it’s implementing Incident Response, Digital Forensics, Penetration Testing, Security Monitoring, File Monitoring, the CSSC or Awareness services. You can expect us to be committed to the quality of the processes and execution of these services. By implementing measures, NFIR has a grip on the constant delivery of quality. These measures are secured in a management system, the QMS (Quality Management System).

Since both ISO27001 and ISO9001 use ISO High Level Structure, NFIR has chosen to bring these systems together into one integrated management system. Thus, both information security and quality are jointly secured in our organization.The scope of the management system is as follows: Limiting consequential damage from cyber incidents and increasing digital resilience of organizations through reactive and preventive IT security services.

In our DNA

Rob de Vries, Quality Manager & Information Security Officer at NFIR indicates that securing information runs through NFIR’s veins and is part of its DNA:

“Information security and quality have been in our DNA since the beginning of NFIR. We are specialists in the field of cybersecurity and often advise clients on measures to be taken after we have carried out Incident Response at an organization that has been hacked, for example. Of course, it is unacceptable for us not to have our own information security in order. So we were already applying many measures. Also in the area of quality, it was already the rule to work according to standardized methods, perform peer reviews and investigate customer satisfaction. So many things were already well organized. The implementation of a management system for ISO27001 and ISO9001 was therefore primarily aimed at securing various measures and processes in an integrated system.”

Advantage for customers

Achieving certifications for both ISO27001 and ISO9001 also provides benefits for NFIR’s customers. De Vries: “Customers can now see at a glance that NFIR is a reliable partner in the field of IT security. In addition to the strict laws and regulations we must comply with from our POB (detective agency) license, these certifications are a very nice addition to increase NFIR’s reliability as a player in the cybersecurity market. Also, the high consistent quality of the services we provide further contributes to this.”

The next step?

Next year NFIR will also be working hard to achieve NEN7510 certification. For example, the amended ISO27002 will also be scrutinized. In short, NFIR is not sitting still in the coming period.

SECURITY INCIDENT BIJ UW ORGANISATIE?

De volgende 30 minuten zijn van cruciaal belang​!

De eerste 30 minuten na een cyber security incident zijn cruciaal, omdat een snelle en adequate reactie de schade kan beperken. Daarnaast kan verdere verspreiding van de aanval worden voorkomen en kan essentieel bewijsmateriaal veiliggesteld worden voor nader onderzoek.

Ons Computer Emergency Response Team (CERT) staat 24/7 klaar om bedrijven en organisaties te ondersteunen bij IT-beveiligingsincidenten.

Heeft uw bedrijf professionele hulp nodig bij een beveiligingsincident? 

* LET OP: Wij werken uitsluiten voor bedrijven en organisaties.

SECURITY INCIDENT AT YOUR ORGANIZATION?

The next 30 minutes are crucial!

The first 30 minutes after a cyber security incident are crucial because a quick and adequate response can limit the damage.
In addition, further spread of the attack can be prevented and essential evidence can be secured for further investigation.

Our Computer Emergency Response Team (CERT) is available 24/7 to support businesses and organizations during IT security incidents.

Does your company need professional help with a security incident?

* NOTE: We work exclusively for companies and organizations.