Quality Mark for Digital Basic Security for SMEs

Small and medium-sized enterprises (SMEs) are an attractive target for cybercriminals, not because their data is more valuable, but because their digital security often falls short. IT service providers play a key role: they manage the systems and networks of hundreds of SME clients simultaneously.

The SME Digital Basic Security Mark certifies ICT service providers who structurally protect their SME clients with proven basic security measures. DigiTrust conducts the independent certification audit as a recognised audit partner of the CCV.

Independent. Experienced. Appreciative.

SME Digital Basic Security Mark

27001:2023 and 2024 version?

Latest news

ISO/IEC 27001:2022 was published internationally in October 2022. This version was approved for Europe by CEN in July 2023 and subsequently published by NEN in August 2023 as NEN-EN-ISO/IEC 27001:2023 (NL/EN). The international version remains ISO/IEC 27001:2022; when certifying, you must choose between the international or the European/Dutch variant.

What is the SME Digital Basic Security Mark?

The SME Digital Basic Security Mark is a quality mark for IT service providers who ensure the digital basic security of their SME clients. The quality mark was developed by the CCV based on the Digital Security Risk Classification (RKIDV), a risk model based on the five principles of the National Cyber Security Centre (NCSC). The quality mark originated from a parliamentary motion requesting concrete cybersecurity support for SMEs.

 

Certified ICT service providers have demonstrably proven that they correctly implement these basic measures for their clients. This gives SMEs the assurance that their digital security is not left to chance.

For whom is a CCV certification relevant?

The quality mark is intended for all ICT service providers that supply security services to SMEs.

SME entrepreneurs can use the quality mark as a reliable selection criterion when choosing an ICT partner that takes their digital security seriously.

Over 600 organisations have gone before you

ISO 27001 and/or NEN 7510? 

If you have a NEN7510 certification then it will remain on the current version. After all, no new version of this standard is available yet. If you have both ISO27001 and NEN7510 certification, you can already switch to the new standard with your current ISO27001 certification. This will create a situation of 'old and new' mixed up in your ISMS.  

The administrator/owner of this standard is the NEN. Because a new version of ISO 27001 has been released, the NEN standards committee is currently working on a new version of NEN7510 as well. This is only expected to be finalised and published during 2024. 

Do you have any questions about this or about ISO 27001 certification in general?

Then get in contact with us.

Direct contact with your specialist

Our specialists will be happy to tell you more about it. Call us on 088-224 56 00, email us at [email protected] or use our online contact form. We will be happy to visit you for a no-obligation introduction.

Over 600 organisations have already taken the step.

What is being tested?

The audit assesses whether your service provision complies with the five NCSC principles from the RKIDV, translated into concrete security measures for SME clients:

Mapping risks

Do you have a method to identify and prioritise your clients' digital risks? Are risks documented and communicated?

Promoting safe behaviour

Do you encourage safe digital behaviour among your clients' employees? Consider password policies, phishing awareness, and reporting procedures.

Protecting systems, applications, and devices

Do you secure systems, applications, and devices at a level appropriate to your customers' risk profile?

Manage access to data and services

Do you apply the least privilege principle for your clients' employees and external partners? Are access rights revoked in a timely manner when changes occur?

Being prepared for incidents

Do your clients have backups, recovery plans, and emergency procedures? As a service provider, do you know what to do in the event of a client incident?

In addition to the technical measures, DigiTrust also assesses your internal quality management system: how do you structurally guarantee the quality of your service provision?

The process

Initial certification

Control 1

Audit of your management system

Control 2

Audit of your management system

Recertification

Re-evaluation of your management system.

Why DigiTrust as an Audit Partner?

DigiTrust has been appointed by the CCV as a recognised certifying body for the Dutch SME Digital Basic Security Mark. Our auditors have in-depth knowledge of digital basic security within SMEs and assess whether IT service providers support their clients with appropriate security measures and well-organised processes.

 

At DigiTrust, you can expect:

  • Premium audits
  • Own auditors, we do not work with hired auditors
  • Quick response to all your questions
  • Direct contact with the back office and auditors
  • Quick quote, usually within a few days
  • We can often schedule your audit at short notice