  • The most important changes to the revised ISO 27001 and ISO 27002

    On February 15, 2022, the new version of the ISO 27002 standard was published. ISO 27002 is an extension of ISO 27001, the information security standard that specifies the requirements of an Information Security Management System (ISMS). The extension provides best practices for security controls and measures that you can implement to improve your security. Although ISO 27002 is not a certifiable standard, this revision does have consequences for organizations that are or want to become ISO 27001 certified. That is why we share the most important changes with you.

  • Video: Combined certification ISO 9001, 14001 and 27001 at T-Mobile

    Recertification within three months for the internationally recognized standards ISO 9001 (quality), ISO 14001 (environment) and ISO 27001 (information security): Kiwa and T-Mobile Netherlands recently achieved this in a compact process in which recertification against these three standards was combined.

  • Kiwa accredited for ETSI EN 303 645 cybersecurity testing

    Kiwa was recently accredited by the Dutch accreditation council RvA as the first Notified Body (NoBo) for testing and assessing the cybersecurity of IoT consumer products. By having the cybersecurity of 'smart' devices such as doorbells, thermostats, TVs and lighting independently assessed, manufacturers can ensure that consumers are less likely to become victims of cybercrime.

  • Revision ISO 27002: simplification and modernization

    To ensure that quality standards remain relevant and current, they are reviewed at least every five years. For that reason, ISO 27002 was recently revised. This standard contains the practical guidelines and control measures for information security management systems (ISMS) and is inextricably linked to the information security standard ISO 27001.

  • Delegated Regulation RED compliance cybersecurity IoT products published in OJEU

    The Official Journal of the European Union (OJEU) has published the Delegated Regulation (2022/30/EU), making compliance with articles 3.3 (d), (e) and (f) of the RED (2014/53/EU) mandatory for cybersecurity aspects of IoT products. The Delegated Regulation will come into effect on the 1st of February 2022. After a transition period, compliance will become mandatory from the 1st of August 2024.
