NRB obtained its ISO27001 certification after successfully passing the extensive audit of LRQA Lloyd's Register Quality Assurance, the internationally acknowledged certified audit-institution. ISO27001 is a guideline for setting up a consistent and proactive information security management system within the company.
"This quality label is of major importance to NRB, taking into account its mission as a provider of ICT outsourcing services that takes care of the systems, the applications and the data of its customers” explains Emmanuelle Lhermitte, Director Quality & Risk Management at NRB. “Data, information and insights are after all, for NRB as well as for its customers and in fact for all actors in the knowledge economy, the basis of our value creation. Securing these valuable data has become a top priority, since cyber criminality regularly gets the headlines of the news with constantly new techniques in hacking, social engineering, ransom and other malware. This formal certification is an assurance that NRB disposes of the right infrastructure, the right processes and the right competences to assure a comprehensive data security system not only internally but also for its customers."
With this ISO27001 certification, NRB is indeed leading the way: next to being certified itself, NRB also offers consulting services to its customers in the public and the corporate sector to accompany them on their road to ISO27001 certification. In this context NRB set up a partnership with the PECB (the Professional Evaluation and Certification Board) to complete its service portfolio with ISRM or Information Security and Risk Management Trainings. Philippe Wanson, member of the ISRM practice and certified PECB trainer is coaching new “Trainer” candidates to guide their organisations in implementing their own ISRM (www.nrb.be/en/iso27001-training).
Moreover, NRB – as one of the first in its sector – has recently renewed its ISO9001 certification according to the new 2015 edition. ISO9001 is focusing at the quality management system of the company.