Information security certifications attained
Brand Compliance, an accredited and independent auditor, granted Cambrian Technologies the ISO 27001 & NEN 7510 certifications. ISO 27001 is the worldwide norm for information security management. The second norm, NEN 7510 is the Dutch norm for information security management for the healthcare industry. The certification start dates are February 1, 2020 and they are valid for a period of three years; subject to annual audits.
The auditors concluded that our information security management system (ISMS) contributes effectively to the realization of our objectives. Furthermore, they found that the organization is functioning in accordance with its management system; the audit concluded with zero non-conformities. Moreover, the auditors ascertained that the ISMS fully meets the requirements of the applicable standards.
Our customers benefit in several ways
The auditors characterized our ISMS as “mature”, “well developed” and “thoroughly implemented”. To us, the ISO 27001 & NEN 7510 certifications symbolize our commitment to a security and risk management framework operating at the heart of our organization.
Furthermore, it is important to note that the scope of the certifications includes the processes, services and solutions we provide to our customers. Moreover, all ISO 27001 controls and all NEN 7510 controls apply. There are a few logic exceptions because we are not a healthcare organization.
We were already working with certified and compliant cloud providers and services. For example, our solutions for a digital workplace leverage certified AWS services. In addition, our own processes, solutions and managed services are certified too. As a result of this end to end certification, our customers enjoy multiple important benefits:
- With this result our customers can rely their information security and data protection risks are reduced beyond the certified cloud services they consume.
- Furthermore, these certifications ensure compliance with the applicable laws and regulations our customers must adhere to. In addition, our contractual obligations to our customers cover these certified controls.
- Third, the certifications enable our customers to expedite the collaboration and the execution of their cloud adoption strategies. This is important as cloud adoption and digital transformation accelerate.
- Finally, when working with us, these certifications decrease the regulatory and compliance efforts on the sides of our customers.