SPIE Netherlands and ISOPlanner

How SPIE Netherlands is in control of information security with ISOPlanner and is prepared for future legislation

Clients are asking their suppliers for confidence and whether their information security is in order, especially in the run-up to new European cybersecurity legislation. SPIE Nederland started an ISO 27001 program partly for this reason. Through close cooperation with ISOPlanner, they were able to get their certification process in order in a short time and prepare the organization for the external audit. Meanwhile, SPIE Netherlands has obtained several certificates and ISOPlanner has become a part of the business and security processes.

SPIE Netherlands is a subsidiary of the SPIE Group, the independent European leader in multi-technical services in the fields of energy and communication. SPIE Nederland assists its clients in the design, implementation, operation and maintenance of network systems and energy, infrastructure, industrial and building installations. With nearly 8,000 employees working in five divisions, SPIE Nederland is the largest multitechnical service provider in the Netherlands.

Leon van der Valk, Chief Information Security Officer (CISO) of SPIE Netherlands talks about the cooperation with ISOPlanner: “In 2020, we were preparing for ISO 27001 certification when, forced by external influences, we immediately had to look for a new Information Security Management System (ISMS). Through our IT partner we came into contact with ISOPlanner and started a test which turned out to give very positive results. We then proceeded to purchase the application.

Scalable and functional for larger organizations

Leon van der Valk continues: “ISOPlanner was initially created for SME companies, but in good cooperation we made it suitable for our large organization. Because each division works in its own silo and the silos are interconnected, it is a scalable and functional solution for our business structure.”

ISOPlanner is now an essential part of business processes

After the testing phase, the organization adopted ISOPlanner widely and it became an integral part of the ISO 27001 certification process.

Leon van der Valk continues, “Some 30 colleagues now work with the software, including management, IT and other business units. So for example, the release and management of access rights to applications, all run through IT. ISOPlanner has really become part of our business and security processes.”

User-friendly and functional platform

SPIE Nederland especially appreciates the accessibility of ISOPlanner. Leon van der Valk: “When I compare ISOPlanner with similar applications, we find ISOPlanner much more accessible and user-friendly. Because ISOPlanner is accessible to use, I haven’t encountered any resistance from colleagues, and that says quite a lot. And that’s just as well, because it doesn’t help the project if you also have to eliminate internal resistance.”

ISOPlanner listens to our wants and needs and moves with us. It is a user-friendly application, which makes it nice to work with. I am extremely happy with it!
Leon van der Valk

CISO SPIE Nederland

ISOPlanner provides structure, overview and guidance for action

Leon van der Valk continues: “The added value of ISOPlanner shows when clarifying which actions are needed. Because if you receive a standards set of more than 100 pages in English and share it with colleagues, you quickly get the question, “Yes, but what should I do?” I had to read it several times myself, and I’m a security specialist.”

ISOPlanner guides you in what to do and provides structure and overview of the underlying evidence, which is important for the audit. It also helps a large group of people to work in a unified way. Leon van der Valk: “I don’t have to copy documentation, we work in Sharepoint. And ISOPlanner retrieves those documents and links them to the risks and policies.”

Agile scaling up while being aware of the organization

SPIE Nederland also appreciates the open communication with the ISOPlanner team. Leon van der Valk continues: “We really learn from each other, the people from ISOPlanner are always open to feedback. They listen to our wants and needs and move along with us. It’s not a rigid package that we purchase. It is very clear and nice to work with, I am extremely happy with it! Also the tutorials give a lot of clarity and make it easier to use.”

Preparing for future laws and regulations

By working with ISOPlanner, SPIE Netherlands has achieved its primary goal of becoming ISO 27001 certified for its first business units. They now have five certificates for different divisions and business units in house, with more to follow in the near future.
Leon van der Valk looks ahead: “Using ISOPlanner allows us to prepare for the future. New laws and regulations are coming up that will have far-reaching consequences for our organization. For example, NIS2 is coming and the standard IEC 62423, Cybersecurity for Industrial Automation. This standard describes the security of industrial infrastructures and processes. We need to respond to this now. This can be easily done with ISOPlanner, which will soon include that set of standards. In that respect, ISOPlanner listens well to the needs of the market.”

The advantages of ISOPlanner according to SPIE Nederland

Leon van der Valk concludes, “In short, it comes down to the fact that we experience much more ease, simplicity and structure in our certification processes. We have an important communication tool that benefits our divisions and business units and provides feedback to colleagues and our management. It’s a pleasure working together, we are learning a lot from each other and are both open to suggestions and further developments.”

See ISOPlanner in action

Book a live demo or start your free trial.