The Networkers achieved their ISO 27001 certification in nine months, in June 2023, a remarkable achievement. ‘We see it as a team effort!’ Mark Herder, Operations Manager of The Networkers, looks back on a learning period. Mark and his colleague Rens Kluitmans, Chief Technology Officer, jointly supervised the ISO project and managed to create a culture where colleagues call each other to account when information security rules are not complied with. Anyone who doesn’t comply has to treat their colleagues!
Read The Networkers’ story: the transition the organisation went through, what they learned from the ISO certification process, and their tips.
About The Networkers
The Networkers specialises in networking and security; IT in the broadest sense. They provide services ranging from consulting and design of IT networks and wireless measurements to implementations of switching and firewalls, for both small companies and large municipalities and healthcare institutions. They perform these services for both partners and end customers in the Netherlands. Partners call them in when they do not have the technical knowledge ready or available. The Networkers then works as a subcontractor to assist them with the implementation. A large part of the work takes place at the end customers’ premises, where, in addition to the aforementioned services, some management and maintenance is also provided.
Why Protify?
The Networkers and Protify have supported each other several times over the years, and in the past they were in the same business area. There was no question of who would be the partner for the certification process, as the choice for Protify had already been made.
Mark explains: ‘Protify resembles our type of organisation; one that communicates easily and is open to things. Danielle de Vaal paired us with Tim Kemper and it was an instant match! Tim is a guy who understands the world and IT very well and he has a technical heart. He did the Gap analysis and helped us make the first draft. Especially since we can still jump from heel to heel, Tim remained structural and punctual. In addition, he is good at storytelling and explaining.’
Choice of ISO 27001 certification
Since The Networkers targets both partners and end customers, they felt it was important to be certified themselves. And because they focus on the public domain, among other things, ISO 27001 is a prerequisite and sometimes even a knock-out criterion in tenders. ‘We participate in tenders ourselves, but also guide other companies to write tender documents. We have to be up to date with the current state of affairs and demonstrate that we think and understand the importance of information security,’ says Mark.
“It was kind of exciting to choose ISO 27001, because quite a lot is going to change in your organisation.”
Team certification
In September 2022, The Networkers started certification for ISO 27001 and the organisation was briefed on the certification process. Emphasis was placed on what to expect: that the process can lead to changes in the organisation and can sometimes even be annoying, but that it will pay off in the end. Rens Kluitmans (CTO) and Mark Herder (Operations Manager) jointly carried out the certification project. Before and during the certification process, they kept people in the organisation informed through presentations and held regular discussions with management.
‘We really see the process as a team effort and we would like to emphasise that because of the trust that Sam Bezzarri (CEO) gave us, it led to this process going so well and quickly. Along with the support we have had from Protify.’
‘Rens and I knew things had to be made formal. The procedures and processes were 80 per cent in our heads and did, but it was nowhere. Therefore, by definition, it wasn’t necessarily controlled and monitored either. Now it really is on paper and has become a process.’
ISO 27001 certification in 9 months!
Rens and Mark sat together at least one day a week, and once every two to three weeks they had a meeting with Tim Kemper to go through the next step in the process. They kept the organisation informed during their monthly so-called ‘Geeks session’, where all technical colleagues get together to discuss business, cases, new technologies and tips and tricks, among other things, and where company-wide information is shared. In this session, they built in an ISO block in which one topic was discussed each time: how do we deal with security, documentation, our own internal network and printing, and what is allowed and what is not. They started with an explanation and then let the discussion develop. They used that output for the discussion with Tim Kemper and looked at how that information could be applied.
After obtaining the certificate, it now takes them about two hours a week to keep track of things. This work is logged and tracked in the ProActive Compliance Tool (PCT).
ProActive Compliance Tool (PCT) as part of the process
‘The PCT is just extremely well put together. What’s especially nice is that the whole system is interwoven, if you adjust something in one place, the PCT takes it under the skin in the system. As a result, you don’t have to go through everything to adjust things, which makes this tool rock solid. The PCT keeps you on your toes by planning and recurring tasks. You receive alerts when things are ready and things need to be done,’ says Mark enthusiastically.
Change in the organisation after introducing ISO 27001 certification?
‘It’s the general picture, processes you do or pick up as an IT person where you do things out of good will, but don’t always have the time to do it neatly.’
The Networkers is now giving extra attention to structure while also trying to make compliance with the rules of the norm a bit more light-hearted. If you fail to honour agreements on information security, you have to treat your colleagues. There is an atmosphere where people dare to call each other to account if something is not implemented properly.
Examples of adjustments in the organisation:
- VOG check in selection procedure of new employees
- New employee gets ISO presentation in first week
- Processes for holidays, writing hours, issuing goods and declarations
- Uniformity as a company and what they convey
- No more quickly sharing documents via WeTransfer, WhatsApp or PDF, “because it’s all made very easy for us, you can quickly move beyond standards.”
Tips from Mark Herder before starting ISO 27001
- Don’t underestimate certification and know what you’re getting into; it really impacts your operations. You are going to have quite a few discussions at times (with colleagues) and that is not always fun.
- Take your time and space and plan! We managed it in nine months, through good guidance, but also because we were given the space internally to spend time on this.
- Engage your team!
‘What I think is important is that we can call each other to account if something is not right.’
Like The Networkers, do you want a partner to support you on ISO 27001?
Contact us so we can discuss together what the best solution is for your organisation.