Paul Willems

As a certified IT auditor (RE and CISA) and privacy professional (CIPP/E, CIPM and CIPT), I have broad experience within many organisations in very different industries. It is my ambition, challenge and hobby to support organisations in improving their level of information security and to challenge them on how to meet the privacy regulations in a practical way. To realise my ambition I facilitate awareness sessions, workshops and trainings, and I would like to change and improve the mindset within your organisation about information security.

Because I am a Sr. Lead Assessor of ISO27001, NEN7510, ISO20000, ISO22301 and ISO9001, I know exactly all the tips, tricks and pitfalls in case your ambition is to certify against these schemes. Besides these schemes I have experience with privacy issues, DigiD audits, ISAE3401, SOC, Big Data and SOx. Recent projects involved subjects such as ISO27799, HIPAA and EHNAC.
And last but not least, I have done several specific ISO27001-related audits for wind farms to comply with TF08 of WSV (I know, this is a niche market, but a very important one).

Please drop me a line for more information or invite me for an appointment.


ISO 27001 certification
ICT security assessment (DigiD)
Drafting a data processing agreement
Drafting an internal policy on the data breach notification obligation
Drafting an internal code of conduct
Setting up an ISMS
Drafting a privacy policy
Drafting a privacy statement
Quick Scan (Healthcare)
Quick scan Privacy Gap
Performing a security audit
Baseline Information Security for Municipalities (BIG)
ENSIA baseline measurement
Performing a VECOZO audit
Privacy Impact Assessment (PIA)
Baseline Information Security for Water Boards (BIWA)
Baseline Information Security for Central Government (BIR)
ENSIA Audit & Assurance report
Internal Auditor training
GDPR (AVG) Quick Scan
Security Awareness
Certification against NEN7510
ABDO 2017