Deftpower faced exactly that task. But instead of a tough and bureaucratic process, we opted for a smart and pragmatic approach together. At TeamValue, we believe that certifications should not be a goal in itself, but a way to work more efficiently, safely and future-proof. No unnecessary processes or extra rules, but an approach that fits Deftpower's existing way of working. With strategic choices, a strong focus on support within the team and smart optimizations, we achieved certification within 8 months. A tight turnaround time, without sacrificing quality or innovation.
Value unlocked
- ISO
Certified to ISO 27001 within 8 months - Security
More efficient processes and more control over security - Trust
Increased customer trust, which opens doors for new collaborations - professionally
External auditors were impressed by the professional and well-integrated approach - Team & Culture
A unique approach that focused on team dynamics and corporate culture
Deftpower accelerates the transition to a sustainable future by developing technologies that make optimal use of renewable energy sources. Deftpower wants to drastically reduce CO₂ emissions in the transport sector and break the dependence on fossil fuels.
Our approach
The 0 measurement
We started at Deftpower on location. By working with the team, mapping the information flows and observing their working methods, we were able to perform a 0 measurement. These observations formed the basis for setting up a management system that is fully in line with their organization.
Way of Work: Validate, not change
ISO 27001 was not supposed to determine Deftpower's way of working, but vice versa. We took their existing way of working as a starting point and looked at how we could strengthen them. By involving the team from day one, we ensured support and a smooth implementation.
Smart use of tools
At TeamValue, we don't believe in unnecessary extras, so we've used existing resources as much as possible. One smart addition: IsoPlanner, a tool that we know well as a partner and that perfectly suited Deftpower's way of working.
Challenging management
A strong security strategy requires sharp choices. We challenged the management team with critical questions and strategic advice. This resulted in concrete steps, such as appointing a CISO (with guidance from TeamValue) and tightening the risk matrix.
Making growth possible
For Deftpower, ISO 27001 was not just a check mark on the compliance list, but a precondition for further growth. Thanks to our structured and no-nonsense approach, the certification process went smoothly and efficiently.
Process optimization and security awareness
In addition to certification, it's about awareness and working smarter. We helped Deftpower optimize their processes and gave security-awareness workshops. Interactive sessions where employees understood the impact of information security.
A management system that works
Together, we built a robust management system. Deftpower received an approach that perfectly suited their organization. The Golden Path principles formed the basis and were subsequently tailored to the context of Deftpower. With internal audits and continuous improvement processes, security remains not a one-off project, but a fixed value within the organization.
Why did this work?
The success of this process was in involved management and broad support with employees. No rules imposed from above, but a collaborative effort. Our way of working, including 'The real conversation', ensured that decisions were made quickly and the turnaround time was significantly reduced.
In addition, the management system really lives within the organization. During the interim audits, we only support Deftpower with the controls. They largely implement the resulting improvements themselves. A development that makes us very happy.
Next steps
Because we liked the cooperation from both sides, we now support Deftpower with the ISAE 3402 assurance statement. In contrast to ISO 27001, ISAE 3402 is not a certification, but an international standard that shows that a service organization's internal control measures are effective (type 1 and 2 statement).
Getting started with ISO 27001?
With our unique approach, we not only help your organization meet requirements, but to really grow. Discover how, together with your team, we create sustainable solutions that make an impact. Get in touch and walk The Golden Path with us.
Tools
- Microsoft Cloud environment
- Privileged Identity Management (PIM)
- Azure Security Monitoring
- ISO scheduler
Methods
- PDCA cycle
- The Golden Path
- Agile Scrum
