Shift2 achieves ISO certification again

"We are pleased to share that Shift2 has been recertified for both ISO 9001:2015 and ISO27001:2022 standards! The audit was conducted last month by the accredited audit firm DNV, and we successfully achieved our recertification." 

- Emiel Duinisveld, Chief Information Security Officer. 

Importance of ISO certification 

This year is special because of significant changes to the ISO27001 standard, namely a renewal of the standard itself as the related best practice (ISO27002:2022).

Achieving these certifications is another important milestone for us as it demonstrates that we not only meet international information security standards, but also continue to proactively adapt to changing requirements and best practices, especially given the rapidly changing cybersecurity threat landscape.

Contribution to NIS2 and BIO 2.0

Although we are not directly under the government and therefore not bound by the Government Information Security Baseline (BIO), we understand its importance to our customers. As an "external service provider," it is critical that we can help you meet the requirements from the BIO and the Network and Information Systems Directive (NIS2).

The arrival of the NIS2 has a direct impact on the BIO, which will soon be introduced with a new version. Among other things, this new version is designed to give proper substance to the information security duty of care, requiring proportionate and appropriate measures to manage cybersecurity risks.

Seamless integration with ISO standards

The new version of the BIO is based on the ISO27002:2022 and thus fits seamlessly with SIM's recently obtained ISO certification. This means that our services and products are in line with the requirements placed on you as a government. With this step, we hope and expect that we can make it a littlemore "SIMpeler" for you to meet the requirements from the BIO and NIS2.

Scope of certification

The scope on which SIM is certified is as follows:

"Developing, selling, implementing, hosting and managing web applications."

Contact

If you have questions about information security or SIM's certifications, please contact Emiel Duinisveld, Chief Information Security Officer, at emiel.duinisveld@shift2.nl.