CBW (NIS2) Control Framework: show your compliance

In September, the Audit Service of the Netherlands (Auditdienst Rijk) and NOREA launched the CBW (NIS2) Control Framework. This practical tool supports organisations in strengthening their digital resilience and demonstrably complying with the new Cybersecurity Act (Cbw).

Independent. Experienced. Appreciative.

CBW (NIS2) Control Framework

27001:2023 and 2024 version?

Latest news

ISO/IEC 27001:2022 was published internationally in October 2022. This version was approved for Europe by CEN in July 2023 and subsequently published by NEN in August 2023 as NEN-EN-ISO/IEC 27001:2023 (NL/EN). The international version remains ISO/IEC 27001:2022; when certifying, you must choose between the international or the European/Dutch variant.

How does it work?

The process begins within your own organisation, with a self-assessment. The framework uses a maturity assessment with five levels, so that you can see exactly where your organisation stands. The tool supports you with clear selection menus and practical explanations.
The framework is built to be modular and therefore suitable for all organisations falling under the Cbw. A specific extension has recently been added for the healthcare sector, which directly clarifies the relationship between NEN 7510 and the statutory duty of care from the Cbw.

The full framework is available in Dutch and English and can be downloaded for free via this link.


DigiTrust's Role: Independent Assessment

After you have completed the self-assessment, DigiTrust will step in to review it impartially and objectively. Our auditor will assess whether your submitted scores and chosen maturity levels correspond to reality. We do this by:

  • Carefully assessing the available evidence.
  • Conducting interviews with key figures within your organisation.

Over 600 organisations have gone before you

ISO 27001 and/or NEN 7510? 

If you have a NEN 7510 certification, it will remain on the current version, since no new version of this standard is available yet. If you have both ISO 27001 and NEN 7510 certification, you can already switch to the new standard with your current ISO 27001 certification. This will create a situation in which 'old and new' are mixed in your ISMS.

The administrator/owner of this standard is NEN. Because a new version of ISO 27001 has been released, the NEN standards committee is currently working on a new version of NEN 7510 as well. This is only expected to be finalised and published during 2024.

Do you have any questions about this or about ISO 27001 certification in general?

Then get in touch with us.

Why choose DigiTrust?

The framework describes control measures that are highly comparable to those from BIO, ISO 27001 and NEN 7510. As DigiTrust has extensive experience with these and employs auditors who test these standards daily, we are the ideal partner for this audit. We are able to independently test your organisation against this framework, assessing the control measures within the specific context of your organisation.

Would you like to have your self-assessment validated by our experts?
Contact us for an independent audit and ensure your organisation is ready for the requirements of the Cybersecurity Act.

 

Direct contact with your specialist

Our specialists will be happy to tell you more about it. Call us at 088-224 56 00, email us at [email protected] or use our online contact form. We will be happy to visit you for a no-obligation introduction.

Over 600 organisations have already taken the step.
