Knowledge base

June 06, 2025

ISO/NEN certification as an SME? These are the stumbling blocks

 

Many SMEs want – or need – to be certified for standards such as ISO 27001 (information security), ISO 9001 (quality management) or NEN 7510 (for healthcare). Sounds good, but in practice many companies encounter unexpected bumps.

Data Security, we really need to address that….

We did a quick poll of our LinkedIn followers¹. What turned out?

🔍 Biggest challenge
“Getting access & permissions in place” – 50% of votes.
Followed by:
📄 Getting IT policies in order (38%)
🗂️ Setting up backup & logging (13%)
🤷 No idea where to start (0%)

 

Recognizable situations in ISO/NEN processes.

We often see it happen to SMBs who want to get started with certification:

❌ IT policy is somewhere in a 2020 Word document
❌ No one knows exactly who has access to which folder
❌ Working from home is arranged…. kind of
❌ Files are scattered across Dropbox, OneDrive AND the mailbox
❌ Backup? Yes… somewhere. Right?

And then suddenly an audit comes. Where are the documents? What is recorded? Who has access to what? It feels like searching for needles in a digital haystack.

 

“We thought it was settled…”

This is perhaps the biggest pitfall. Many entrepreneurs think the basics are right. Until something goes wrong. Or until an auditor comes along and you don’t have answers to simple questions like:

  • Who can access which customer data?

  • How are log files stored?

  • Is there a current backup?

 

Why an IT partner makes a difference here

At ALTA-ICT, we ourselves have successfully completed the course and passed:

✅ 𝗜𝗦𝗢 𝟮𝟳𝟬𝟬𝟭 (information security) ➡ alta-ict.co.uk/ISO27001Blog
✅ 𝗜𝗦𝗢 𝟵𝟬𝟬𝟭 (quality management) ➡ alta-ict.co.uk/ISO9001Blog
✅ 𝗡𝗘𝗡 𝟳𝟱𝟭𝟬 (information security in healthcare) ➡alta-ict.co.uk/NEN7510Blog

So we know exactly what auditors want to see. And perhaps even more important: how to set up your IT in such a way that it is safe, clear and demonstrably well organized. Without creating extra work for your team.

A good IT partner:

🔹 Thinks about policies, permissions and logging
🔹 Ensures you are audit-proof
🔹 Helps you demonstrate safe working practices

 

Ready to tackle it?

Do you want to not just “get” ISO/NEN certification, but actually work smarter and safer because of it? Then schedule a short demo. We’ll show you what a modern workplace looks like that does meet all the standards.

👉 Schedule a demo via alta-ict.co.uk/DemoBooks

 

Reference:

¹https://www.linkedin.com/posts/altaict_mkb-zorg-onedrive-activity-7334178379962765312-PRc8

Want to know more?

Get in touch
illustratie met obstakels bij ISONEN-certificering voor mkb

Related
blogs

June 26, 2025

Why certifications do say something about your IT partner

Read more
Beveiligingsiconen voor IT-netwerk en data
June 25, 2025

“Is this website allowed to access your local network?”

Read more
Cloudmigratie met risico’s icoon waarschuwing, server, map en beveiliging
June 24, 2025

The biggest blunders in cloud migrations

Read more
Gisteren veilig, vandaag kwetsbaar - Cybersecurity waarschuwing voor MKB
June 21, 2025

Yesterday secure. Today vulnerable?

Read more

Tech Updates: Microsoft 365, Azure, Cybersecurity & AI – Wekelijks in je Mailbox.