Shift2 achieves ISO certification once again
We are delighted to announce that Shift2 has once again been certified for both the ISO 9001:2015 and ISO27001:2022 standards! The audit was conducted last month by the accredited audit firm DNV, and we have successfully achieved our recertification.
- Emiel Duinisveld, Chief Information Security Officer.
Importance of ISO certification
This year is special because of the significant changes to the ISO27001 standard, namely a renewal of the standard itself and the related best practice (ISO27002:2022).
Achieving these certifications is another important milestone for us, as it demonstrates that we not only comply with international information security standards, but also continue to proactively adapt to changing requirements and best practices, particularly given the rapidly changing threat landscape of cybersecurity.
Contribution to NIS2 and BIO 2.0
Although we are not directly governed by the government and are therefore not bound by the Baseline Information Security Government (BIO), we understand its importance to our customers. As an 'external service provider', it is crucial that we can help you comply with the requirements of the BIO and the Network and Information Systems Directive (NIS2).
The arrival of NIS2 has a direct impact on the BIO, which will soon be introduced in a new version. Among other things, this new version is designed to properly implement the duty of care in the field of information security, whereby proportionate and appropriate measures must be taken to manage cybersecurity risks.
Seamless integration with ISO standards
The new version of the BIO is based on ISO27002:2022 and therefore fits in seamlessly with the ISO certification recently obtained by SIM. This means that our services and products are in line with the requirements imposed on you as a government agency. With this step, we hope and expect that we can make it a little'SIMpler' for you to comply with the requirements of the BIO and NIS2.
Scope of certification
The scope for which SIM is certified is as follows:
“The development, sale, implementation, hosting, and management of web applications.”
Contact
If you have any questions about information security or SIM's certifications, please contact Emiel Duinisveld, Chief Information Security Officer, at emiel.duinisveld@shift2.nl.