This February, the auditors continued our ISO 27001 en over NEN 7510 certifications. ISO 27001 is the worldwide norm for information security management. The second norm, NEN 7510 is the Dutch norm for information security management for the healthcare industry. One year ago, Cambrian Technologies attained these two certifications.
Day to day implications in order to realize tangible results
The continued ISO 27001 & NEN 7510 certifications symbolize our commitment to a security and risk management framework that is operating at the heart of our organization.
This has practical and tangible meaning in our day to day activities:
- Our operations processes and personnel adhere to strict standards for information security and data protection.
- Every employee prioritizes information security and risk mitigation in their day to day activities.
- We apply multiple checks and balances te reduce security risks, including the risk of human error.
- As an organization, we assess security risks and implement mitigating controls in a proactive manner.
- We evaluate our way of working, measures and adherence to our standards and controls in a structured fashion and at regular intervals.
- We test and document our activities and findings, to enable independent external auditors to formally assess and evaluate our performance and we use their feedback to learn and improve.
Our customers continue to benefit in multiple ways
It is important to note that the scope of the certifications includes the processes, services and solutions that we provide to our customers. Moreover, all the ISO 27001 controls and all the NEN 7510 controls apply. There are a few logic exceptions because we are not a healthcare organization.
We already work with certified and compliant cloud providers and services. For example, our solutions for a digital workplace leverage certified cloud services. In addition, our own processes, solutions and managed services are certified too.
As a result of this end to end certification, our customers enjoy multiple important benefits:
- Our customers can rely that their information security and data protection risks are mitigated beyond the certified cloud services they consume.
- In addition, these certifications ensure compliance with the applicable laws and regulations our customers must adhere to. In addition, our contractual obligations to our customers cover these certified controls.
- Third, the certifications enable our customers to expedite the collaboration and the execution of their cloud adoption strategies. This is important as cloud adoption and digital transformation accelerate.
- Finally, when working with us, these certifications decrease the regulatory and compliance efforts on the sides of our customers.