14 October, 2025
Certificate for updated ISO standard and green light for NEN 7510:2024
A nice next step in information security: after a tough audit, we are now ISO 27001-certified for the renewed ISO standard (2022)! We also passed the audit for the renewed NEN standard (2024), the certificate for which will follow later. For you as a customer, this means that your organisation's data are in safe hands with us, as always. And that by complying with the new standards, with explicit measures in the areas of cloud, monitoring and secure software development, we can protect your data even better.
IT Local has been ISO 27001- and NEN 7510-certified since the beginning of last year. This means that we have our information security in good order and that it meets high standards. The ISO standard requires not only that you stay sharp and secure as an organisation, but also that you continuously improve in the field of information security. That is why there are annual surveillance audits and a recertification audit once every three years. In early September, it was audit time for us and for several days we were under the magnifying glass of certification body Kiwa.
Immediate compliance with the new standards
As we still had certification for the ISO 2017 standard, the surveillance audit was also an audit for certification for the latest (2022) standard. This also applied to NEN 7510 where we were now audited against the 2024 standard instead of the old one. Since NEN and ISO have a lot in common, a combination update made sense. All in all, this did make the process quite intensive and spicy, especially for our security officer Marco Huiting who took on by far most of the work. Marco: "Then you have to think of around 85% of the work. For the last 15%, the ISMS team was brought in to check everything."
"We had most things neatly in order. Of course, the audit also revealed areas for improvement. And that's good, because you have to stay sharp. The points for improvement were mainly in describing responsibilities and documenting matters. We will continue working on these in the coming period. In any case, it did not prevent a positive outcome."
ISO 27001
ISO 27001 is the international standard for information security. The standard describes how you deal with securing information process-wise. The aim is to ensure the confidentiality, availability and integrity of information within an organisation. This includes protecting personal and/or company data, protection against hackers and break-ins. The new ISO 27001:2022 standard better meets the current times with threats and technology in the context of information security, cybersecurity and privacy. There are now explicit measures for cloud, monitoring and secure software development. The new standard is also more accessible and better aligned with other ISO standards.
NEN 7510
Because we also operate in the health and welfare sector, we also have NEN 7510 certification. NEN 7510 is the Dutch standard for information security in healthcare. A specific standard especially for the care and welfare sector, because the care sector is really different from other sectors and Dutch care differs from that in other countries. The new NEN 7510:2024 is more in line with the international standard. There is now more emphasis on the safe handling of data throughout the healthcare chain, and organisations have to show more clearly how they assess risks and handle incidents.
Track ISMS with ISO planner
Also new is working with an ISO planner. Marco: "We started very basic last year to set up and maintain the ISMS (information security management system), with Excel and Word documents, but with this planner we can now record everything much better and in a more structured way. We also get automatic alerts when we need to perform certain tasks."
New NEN 7510:2024 certificate follows
The new ISO certificate is in, but the NEN certificate is not yet in. Marco: "Kiwa is not yet officially allowed to audit for the new NEN standard and is therefore not yet allowed to issue a certificate. But we have already been audited according to that standard and comply with everything. We will get the certificate next year, so for the time being we can leave our current certificate in the change frame. We did amend the Declaration of Applicability (CoA) so that we have both the old and new standards in it. So we can also show in terms of NEN standards that we are on the right track. But the most important thing, of course, is that in practice we do everything we can to have our information security tightly in order. Together and every day."
Update - 23 January 2026: The NEN 7510:2024 certificate is in!
Want to know more about our certification? Curious about the benefits for your organisation? Call Marco Huiting (088 4043 400) or send him an e-mail.
Photo above: Marco with the new ISO 27001 certificate.