Security Verified

Security Verified is an open standard for the information security of organisations. Any organisation that handles valuable data or personal data is obliged to take care of information security. ‘Security Verified’ makes it easy for organisations to prove that they have taken such steps.

Security Verified background

Security Verified was created in summer 2016, as a response to questions from several smaller technology startups. For these organisations, proving their commitment to security and user privacy is extremely important. Many available standards however where either not open, did not provide a certification option, or seemed more geared towards large and corporate organisations. With ICT Institute we were familiar with many existing information security standards, due to our work reviewing IT systems and giving advice on information security. We recognised the gap of an more applicable and modern standard with a faster certification process, and designed the process together with our network of security experts and our clients.

Standard elements

The standard consists of the following elements

In addition, the following articles are recommended reading, in the following order

Standard maintenance and versions

security-verified-logo-largeThe standard is maintained by the ICT Institute information security team, consisting of Sieuwert van Otterloo, Floris van den Broek, Joost Schalken and other experts. The standard is versioned, based in year.month and the current version is 2016.10.

All material of the standard is  can be shared under a creative commons license. Specifically anyone can use the requirements checklist as a guideline for audits or reviews of their own information security management system.

The Security Verified logo, displayed to the right,  and name can be used by organisations that have a security verified certificate to refer to their certificate.