MICE Operations has recently achieved the ISO 27001 certification! But what exactly does this mean? To find out, we spoke with Wouter, our Chief Information Security Officer (CISO). We discussed the role of a CISO, the significance of ISO certification, and how this achievement benefits our clients.
What do you do, as the CISO of MICE Operations?
"As CISO, I'm responsible for the overall information security within MICE Operations. This includes defining our information security policy, implementing technical and organizational measures, and managing information security risks."
What does ISO 27001 mean?
"ISO 27001 is an international standard for information security. By obtaining this certification, we show that MICE Operations adheres to best practices in information security. This is important for our clients, partners, stakeholders, and even our own employees. It assures them that their data is safe with us."
What was the driving force behind MICE's decision to pursue this certification?
"Getting ISO 27001 certified demonstrates that we take information security seriously and we have our act together. Plus, it helps us to stand out because it proves we go the extra mile to protect our clients’ data.
How did the certification process unfold?
"We started the process in late summer 2023 with the guidance of De Vaart, a specialized consultancy firm. In April and May 2024, we tested our new management system. Then, in June, we underwent an initial audit to see if we were ready for the 'real' audit, which took place in July 2024."
What are the benefits for MICE clients and users?
"ISO 27001 certification offers several significant advantages to MICE Operations clients. They can be assured that their data is securely stored with us. Additionally, we now have a highly structured approach to managing information security risks."
Is the work now complete? How do we ensure long-term compliance with the certification?
"Getting ISO 27001 certification was a big step, but our work isn’t finished. We conduct ongoing internal and external audits to maintain compliance with the standard. We also set goals each year to make our security even better, and every three years we will undergo a recertification audit by an independent auditor."
Read all about data security at MICE on our Security & Compliance page.