Request a quote
en_GB EN
en_GB EN nl_NL NL de_DE DE

How does a certification process work at DigiTrust?

For organisations considering certification for the first time, the process often raises many questions. How exactly does such an audit work? What are the steps? And what can you expect from DigiTrust as an independent certifying body? In this article, you will read how a certification process at DigiTrust works - from the initial application to awarding the certificate. 

When is certification relevant? 

Certification is often relevant for organisations that want to comply with laws or regulations, participate in tenders or demonstrably work on quality, information security or sustainability. Sometimes certification is mandatory within an industry, but more often it is a strategic choice to build trust with customers, partners or regulators. 

Examples of standards for which DigiTrust certifies include: 

  • ISO 9001 (quality management); 
  • ISO 27001 (information security); 
  • NEN 7510 (healthcare-specific information security); 
  • and other standards focused on risk management and reliability. 

Certification is not an end in itself, but a means of structural improvement and of demonstrating this in an objective manner. 

The steps of a certification process 

A certification process at DigiTrust follows a number of clear and traceable steps: 

  1. Application and intake interview

You contact DigiTrust asking whether certification is possible and useful for your organisation. In an intake meeting, we discuss: 

  • the desired standard(s); 
  • the scope (area of application); 
  • the context of your organisation; 
  • and any particularities in your sector. 
  1. Quotation and preparation phase

Based on the interview, you will receive a quotation with a clear explanation of the structure and process. DigiTrust does not advise on the content of your management system, but we do provide clear explanations on how the process works and which assessment criteria apply. 

  1. Phase 1 audit

During phase 1, we assess whether your organisation is ready for the more in-depth phase 2. We look at your documentation, policies, risk assessments and level of implementation. 

  1. Phase 2 audit

In this phase, we assess on-site whether your management system is working in practice. We conduct interviews, review processes and collect objective evidence of standards compliance. 

  1. Audit report and decision-making

The auditor prepares a report of findings. An independent assessor within DigiTrust makes a certification decision on this basis. With a positive result, you will receive the certificate. 

  1. Certificate and supervision

After certification, annual surveillance audits take place. Recertification follows after three years. This ensures that quality is maintained. 

What can you expect from DigiTrust? 

DigiTrust is an independent certification body. This means that we do not advise you on how to comply with the standard. What we do is: 

  • objectively assess whether the requirements have been met; 
  • Communicating transparently about the process; 
  • Work according to international accreditation standards (such as ISO/IEC 17021); 
  • Employ expert auditors with knowledge of your sector. 

We always aim for a clear, accessible approach - especially for organisations entering a certification process for the first time. 

How long does a certification process take? 

Turnaround time depends on several factors: 

  • the chosen standard(s); 
  • The size and complexity of your organisation; 
  • your preparation and planning; 
  • the availability of auditors. 

On average, the process from the initial application takes a few weeks to a few months. Would you like to speed things up? Then we will be happy to work with you on a suitable schedule, within the framework of our independence. 

What does certification cost? 

The cost of certification depends on: 

  • the type of standard; 
  • the number of locations or employees; 
  • your organisation's risk profile; 
  • and the audit duration required by the accreditation criteria. 

At DigiTrust, you will always receive a clear and transparent quote, with no hidden costs. Certification is an investment, but delivers value in the form of trust, structure and external recognition. 

Frequently asked questions 

What are the steps of certification?
The main steps are: application, intake, quotation, phase 1 audit, phase 2 audit, certification decision and annual follow-up. 

How soon will you get a certificate?
It depends on your preparation and planning. In ideal circumstances, the process can be completed within a few weeks. 

What should I submit for a certification audit?
Among other things, you provide policy documents, risk analyses, procedures and registrations. During phase 1, we align this together with the chosen standard. 

Can DigiTrust help prepare?
No, DigiTrust does not provide implementation advice. We assess independently. For guidance, please contact an external consultant. 

Conclusion 

A certification process at DigiTrust is clearly structured, objectively executed and focused on trust. From intake to certificate: you always know where you stand. Would you like to know whether certification is right for your organisation, or do you need an explanation of the process? We will be happy to help you - transparently, expertly and independently. 

Read more about

Who is DigiTrust anyway?

DigiTrust is a young organisation and has existed since 2013. We are different from any other certification body. Why? We do this work because we really want to contribute to a more secure digital world. We always mind

Read more "
Back to the knowledge base
en_GBEN
nl_NLNL de_DEDE en_GBEN