Trust & Quality: Scenexus’ license to operate

  • Announcement
  • The Hague
  • December 29, 2025

Information Security and Quality are crucial for any business working with public data for governments. Therefore, we started working on these topics from the start, January 2025.

Walter Lohman, CTO and responsible for Information Security and Bart van der Poel, Lead Operations and responsible for user onboarding have been working hard to get our Information Security Management System (ISMS) and Quality Management System (QMS) in place.

Just before the first anniversary of Scenexus, we are proud to share that we received the ISO/IEC 27001 and ISO 9001 Certificates.

Scenexus is ISO/IEC 27001 and ISO 9001 certified. Why is that essential for government clients?

Walter: For the public sector, trust is nonnegotiable. ISO/IEC 27001 gives us an auditable Information Security Management System to manage confidentiality, integrity, and availability across people, processes, and technology. It’s how we make security tangible governed, measured, and continuously improved.

Bart: ISO 9001 provides the discipline to deliver consistently, clear processes, corrective actions, and continuous improvement. That matters in public projects where predictability, transparency, and auditability are key.

How do you anchor security when handling sensitive governmental data?

Walter: We operate a securitybydesign approach: strict access controls, strong encryption in transit and at rest, continuous monitoring, and rehearsed incident response. Combined with ISO 27001 governance, it ensures the protections we promise are actually in place, every day.

“Security isn’t a feature—it’s our license to operate. With ISO 27001 as our backbone, we design for least privilege, strong encryption, and continuous monitoring from day one.”
Walter Lohman
CTO Scenexus

How does ISO 9001 shape the onboarding of new clients?

Bart: We run onboarding as a qualitycontrolled process with clear stages: requirements capture, datasharing setup, security and residency checks, technical integration, acceptance testing, and golive readiness. ISO 9001 keeps this predictable and auditable metrics, feedback loops, and corrective actions are built in, so public agencies see steady progress and stable operations. A way of working that allows scaling as the growth of our company accelerates.

“Quality is the promise we keep every day. ISO 9001 gives our onboarding a repeatable rhythm, clear hand offs, measurable checkpoints, and continuous improvement that our public clients can verify.”
Bart van der Poel
Lead Operations Scenexus

How do you manage thirdparty and supplychain risk?

Walter: We assess and contractually govern vendors before any data exchange. We require appropriate controls, clear roles and responsibilities, auditability, and secure data handling. If a supplier can’t evidence strong security and quality practices, they don’t touch client data – full stop.

 

What governments can expect from Scenexus

  • Governmentgrade security: ISO 27001aligned ISMS, securitybydesign, and continuous monitoring.
  • Reliable delivery discipline: ISO 9001 processes for consistent outcomes, corrective action, and continuous improvement.
  • Executive accountability: Security and quality are leadership responsibilities.
  • Transparency you can verify: Clear assurance packs, documented controls, and auditready evidence.
“Trust is our license to operate. Security and quality are how we earn—and keep—the confidence of the public authorities we serve.”
Jeroen Borst
CEO Scenexus