CCV Quality Mark Incident Response

When an organisation is hit by ransomware, a data breach, or another cyber-attack, every minute counts. The quality of the incident response service provider then determines whether damage is limited or escalates into a business crisis.

The CCV Quality Mark Incident Response certifies service providers who have proven that they respond to digital incidents quickly, competently, and in a structured manner. DigiTrust is an accredited audit partner of the CCV and conducts the certification audit independently.

Request a quote
Schedule an appointment

Independent. Experienced. Appreciative.

Home » Certification » CCV Quality Mark Incident Response
CCV Quality Mark Incident Response

27001:2023 and 2024 version?

Latest news

ISO/IEC 27001:2022 was published internationally in October 2022. This version was approved for Europe by CEN in July 2023 and subsequently published by NEN in August 2023 as NEN-EN-ISO/IEC 27001:2023 (NL/EN). The international version remains ISO/IEC 27001:2022; when certifying, you must choose between the international or the European/Dutch variant.

Read more

What is the CCV Quality Mark Incident Response?

The CCV Quality Mark Incident Response is a quality mark for companies that offer incident response services to other organisations. The quality mark was developed by the CCV to provide clients with certainty about the quality of their IR partner.

Certified organisations comply with established requirements in terms of response speed, technical competence, communication and reporting. The certification mark is available in two variants: Incident Response (office hours) and Incident Response 24/7.

img_4921

A CCV certification is relevant for whom?

The quality mark is intended for organisations that offer incident response as a paid service, such as:

  • cybersecurity companies with an IR team
  • Managed security service providers (MSSPs)
  • IT service providers with an incident response portfolio
  • specialist forensic cybersecurity firms
  • Organisations that procure IR services can use the quality mark as a selection criterion to find demonstrably qualified partners.
Request a quote

Over 600 organisations have gone before you

TechOne-Logo
Certification process - DigiTrust - Pink
Certification process - DigiTrust - Topicus
Certification process - DigiTrust - Stedin
Certification process - DigiTrust - ISO Group
Certification process - DigiTrust - Enexis
Certification process - DigiTrust - Spie
full-colour
Certification process - DigiTrust - Meander
Amac Logo
logo-fair-rgb-red
Antoni van Leeuwenhoek's Logo
Logo Ipse de Bruggen
Zuyderland Logo
HostedXL Logo
Logo Acces42
Certification process - DigiTrust - GGD GZ
certification-trail-digitrust-hoeflake
Certification process - DigiTrust - eXperIT
GGD Logo
QII Logo
logo_tcc_thecomputercompany-2
Elkerliek Logo
spaarne-gasthuis-300x152-e1481635004909
Infozorg logo
Gelderland Province Logo
Logo Indicia
Certification process - DigiTrust - Nitea
Logo the people
Certification process - DigiTrust - informens
Certification process - DigiTrust - Bizzcon
Xinno ISO27001 certification - certification process
linkit-1
Certification process - DigiTrust - Iwink
Certification process - DigiTrust - Constant-IT
cab-holland
cybercloud logo
bit logo
Certification process - DigiTrust - Get Noticed
Certification process - DigiTrust - ARROW
Certification process - DigiTrust - Rijnmond Doctors
Certification process - DigiTrust - ARCHIE
rgb_full-color_black8x
schermafbeelding-2023-04-22-150754
logo
logo_tt_2021_screen
Certification process - DigiTrust - Calibre
schermafbeelding-2023-08-31-212010
Certification process - DigiTrust - Vival Care Group
Certification process - DigiTrust - Ten
20211103-314335541-wza-logo
schermafbeelding-2024-02-13-194425
treant_logo2022_rgb_green-plane_pos
logo-mmt
logo-1500px
catharina_hospital_logo-small
EyeOn logo black
logo
DCSolutions logo
cmyk-Logo Cura Mare [top]
logo_karmacii
smc_logo-01
Sollie-Logo-Grey-Orange-payoff
DJL logo

ISO 27001 and/or NEN 7510? 

If you have a NEN7510 certification then it will remain on the current version. After all, no new version of this standard is available yet. If you have both ISO27001 and NEN7510 certification, you can already switch to the new standard with your current ISO27001 certification. This will create a situation of 'old and new' mixed up in your ISMS.  

The administrator/owner of this standard is the NEN. Because a new version of ISO 27001 has been released, the NEN standards committee is currently working on a new version of NEN7510 as well. This is only expected to be finalised and published during 2024. 

Do you have any questions about this or about ISO certification 27001 in general? 

Here then contact with us. 

Direct contact with your specialist

Bell +31(0)88 22 45 600

Our specialists will be happy to tell you more about it. Call us at 088-224 56 00, please email us at [email protected] or use our online contact form. We will be happy to visit you for a no-obligation introduction.

Request a quote

Over 600 organisations have already taken the step.

Callback form

What is being tested?

The CCV certification assesses your IR service provision on the following aspects:

Reaction speed and availability

  • Confirmation of incident report within 30 minutes
  • Triage to commence within 2 hours of notification
  • Occupancy and call-out levels in accordance with the chosen level (office hours or 24/7)

Technical competence

  • Triage and analysis of the nature, scope, and cause of the incident
  • Malware removal and system restoration
  • Forensic analysis and root cause determination

Communication

  • Fixed client contacts during an incident
  • Clear and timely communication regarding progress and findings
  • Upscaling and escalation procedures

Report

  • Professional Final Report with Incident Description
  • Root cause analysis and recommendations for recurrence
  • Documentation of measures taken

Staff and organisation

  • Demonstrable competence of IR staff
  • Internal quality assurance and incident evaluation
  • Information security within your own organisation

The process

Initial
certification

Control 1

Audit of your management system

Control 2

Audit of your management system

Recertification

Re-evaluation of your management system.

Lees meer over ons proces

Why DigiTrust as an Audit Partner?

DigiTrust has been designated by the CCV as an accredited certification body for the Incident Response Quality Mark. Our auditors possess in-depth knowledge of cybersecurity operations and incident response processes.

 

 

At DigiTrust, you can expect;

  • Premium audits
  • Own auditors, we do not work with hired auditors
  • Quick response to all your questions
  • Direct contact with the back office and auditors
  • Quick quote, usually within a few days
  • We can often schedule your audit at short notice