So well recorded, the audit prepared itself
Wendy Rockx works for Intersoftware Holding, which includes Intersoftware and FinData. Intersoftware is a customer of FinData and uses the data for the Adviesbox: advice software for mortgage advisors. Wendy handles company support, HR, office management and risk for both companies. She is involved in the ISO certification of both FinData and Intersoftware.
Getting Clearity
Both bv’s have been ISO-27001 certified since 2020. Before using ISOPlanner™, Wendy worked for FinData with Confluence and documents were in a SharePoint environment.
Intersoftware had a risk manager until July 1, 2022, ISO certification was not a priority because from ING -a shareholder- stricter rules apply than this certification. Overview for ISO was therefore lacking.
Wendy and the risk manager went looking for software that offered an overview. They looked at various packages. They also asked Ivar van Duuren of ISOPlanner™, who had previously worked for Intersoftware, for a demo. He showed how the package works in practice and that customization is possible.
Everything in One Place Saves Time
Intersoftware was audited in June 2022, according to the old way of working. From January 2022, FinData used the ISOPlanner™ and the audit took place in September 2022. Little preparation was needed for this audit; because everything is well recorded, staff were able to answer questions from the auditor adequately. Within FinData there are now five people working with ISOPlanner™: Wendy keeps the overview, two of her colleagues pick up tasks and management has access.
The shareholder standards and related tasks have been added to the ISOPlanner™ by Wendy. These standards overlap with the ISO standards. Everything related to risk is now in one place, and updated in that place. In practice, this saves time.
Ready for Audit
We started using ISOPlanner™ in January for ISO 27001 certification and the audit took place in September. Little preparation was required for this audit because everything was properly recorded so employees were able to adequately answer questions from the auditor.
