Below is the organisation's own story;

The garlands can come off, because the information security management system is ISO 27001 certified! Don't understand this sentence yet? No worries, after reading this Fonky Story you will be completely up to date. And you will also understand why this certificate is worth celebrating.  

Thursday 20 January was the day, Marco and Edwin from DigiTrust stopped by to present the ISO certificate! But before this presentation took place, let's take you back in time. Because what exactly does this certificate mean and how was the road to it? We take you back in time for a moment. *presses rewind button*

Once upon a time... A Data Protection Officer with big dreams

We start at the beginning; meet our Data Protection Officer Azarags! Azarags is now a household name within Fonky, and not just because of his infectious smile. He has been with the organisation since 2014, when he was in charge of the Back Office.

"Fonky believed in my ideas and granted me the confidence," he says.

Looking at the business processes, Azarags asked himself; where can Fonky still make strides? He says: "In 2016, we made the successful switch from paper to digital. We wanted to grow and professionalise further. Soon we realised; data is going to play an important role in this. In 2017, we therefore decided that - alongside my full-time job - I would take the Data Protection Officer course, something that really makes my heart beat faster. This course was a big investment at the time, but I got the confidence from management to go in this direction. That's what I really like about Fonky; they believed in my ideas and granted me that trust."

The first steps were taken

And so it happened. In late 2017, Azarags successfully completed the training and the first steps in information security were taken: "In 2018, we were already looking at the AVG, something our colleagues in the industry were not yet doing. So we were already ahead of the curve there."

We hear you thinking, AVG? Potatoes, meat and vegetables? Nice try, but no. Simply put, the General Data Protection Regulation (AVG) is a set of rules defining how companies handle personal data. This European law ensures that your data is protected and ensures the free movement of data within the European Union.

"We are currently the best field marketing agency in terms of quality and audit scores."

But what did this lead mean for Fonky? "Thanks to this lead, we got the highest quality and audit scores from our clients. We are currently the best, something that gives me tremendous energy," Azarags said.

Logically, the next step in information processes was considered. "Fonky does a lot with data and works as well as paperless. OK, a few still write in books. But I try to help them get rid of that," Azarags says with a laugh. "I asked myself; how can we start managing and optimising these processes even better?"

Years of fighting for the coveted ISO certificate

The answer became ISO 27001 certification. So in 2019, Team Data Protection started working towards this coveted piece of paper; the NEN-EN-ISO/IEC 27001:2017+A11:2020 nl certification. Nice word for gallows game, but what exactly does this mean? In official terms, it means that all the requirements of the relevant standard have been met for 100%. Chaerlyne-Lian (Data Protection officer) explains to us: "Fonky works with an awful lot of data. Think personal data, but also systems and processes. By getting this ISO certification, we can show that Fonky handles this data neatly and we have our processes well mapped out and under control. "

"The goal of ISO certification was to help Fonky move forward, without all the administrative burden." 

Giant checklist 

Of course, you don't receive this certificate lightly. Chaerlyne-Lian takes us through the road to it: "You can actually see ISO 27001 as a gigantic checklist in the field of information security, where you have to make choices on all standard requirements on how and to what extent you set them up. this depends heavily on the risk analysis. you have to tick off everything. We really did a lot for this. Azarags started setting up everything for this as early as 2019. All departments and branches were involved in this. It's really a process that the whole of Fonky has been involved in." Azarags says: "I started talking to all departments and stakeholders about information security risks. The goal? To help the organisation move forward in terms of processes and systems, but without all the administrative burden."

Information security milestone

After several successful audits (an audit of the organisation), the big moment finally arrived at the end of 2021: ISO certification is in! What does this certification mean for Fonky? An awful lot, according to Azarags: "I can proudly say that we have not only achieved this certificate, but also taken the organisation to the next level. Thanks to this certificate diploma, we have become even more professional. We take a clearer approach and we also know where we stand the moment we start new projects. That was the situation we wanted to go to, but without all the administrative burdens. And we succeeded!"

"Fonky is the first and (so far) only field marketing agency to be ISO-27001 certified!"

Chaerlyne-Lian adds: "This certificate is also a signal to clients that we are really doing well in terms of the security of our data processing. With this, we want to show that everything is right. And... Fun fun fact: Fonky is making history by getting this certificate. We are the first and (so far) only field marketing agency to be ISO-27001 certified!"

Time for a party

You understand, obtaining this certificate was of course reason enough for a celebration. Back to our friends Marco and Edwin from DigiTtrust! *presses play button* They were on the doorstep on behalf of DigiTtrust (the organisation that helps organisations audit on this standard to achieve ISO certification) on Thursday afternoon with two a large bunch of flowers and the certificate.

Marco, director of DigiTrust, says: "By achieving this ISO certification, Fonky has shown that they have a functioning information security management system. We started training in 2019 and then the organisation worked hard to set up a well-functioning system and have all the controls in place. A great achievement and good news for all stakeholders of Fonky!"

After the official photo opportunity (with confetti cannon, of course), they toasted with a glass of champagne. Successes are to be celebrated, so this festive afternoon ended with a delicious lunch.

Bright future
What does the future look like for Fonky? "It's not that now the paper is in, we're done. We keep optimising and making sure everything stays up-to-date. Besides, we will be tested annually from now on, so we just keep going!" Says Chaerlyne-Lian. Azarags also sees the future positively: "We are moving forward and I am looking forward to it. The confidence at Fonky is high and so is mine. I really enjoy my work and this mix is going to ensure even more success. I expect to make many more great strides in the field of information security here." So on to the next champagne moment!