Skip to main content

The core attributes of our approach are efficiency and minimizing the disruption of operational processes during the certification procedures. This requires effective planning and open communication with your organization throughout the entire engagement and particularly during the reporting and audit phase. Our approach is focused on delivering quality throughout the entire process and is subject to our quality standards. Our services focus on the project management leading to an ISO 27001 compliant Information Security Management System (ISMS). These services include:

  • Overall support for the certification procedures of ISO 27001, including support on integrated project planning.
  • Deliver support in the documentation of the identified controls and improve existing processes and process descriptions if necessary.
  • Performing a walkthrough (pre-audit) focused on identifying possible issues that may arise during the audit. This pre-audit will be part of the quality assessment of the organization.
  • Performing the ISO 27001 audit to assess whether the controls are suitably designed to achieve the information security objectives specified in the ISMS, in order to establish that the defined processes actually exist in accordance with ISO 27001 requirements. Based on the complexity of the activities, employees with different education- and experience levels will be involved in the engagement.

Service providers



We believe that most services providers deliver high quality services and a net benefit to society, through their products and services, creation of jobs and the sum of their behaviors.

The GRC index seeks to provide a platform to expose the areas of their operations and overall activities that are material to improving societal outcomes, including those that will affect future generations.

The GRCi connects different frameworks and standards for effective governance and risk management, and is build on four pillars; Quality, Accountability, Effective Governance and Ethics.



Provide high quality services and responsible stewardship of outsourced services in the best interests of user organizations and their customers.



Exhibit accountable governance and develop governing bodies that reflect expertise, diversity and provide oversight to sustainability risk.



Demonstrate accountability, transparency and responsible management in addressing adverse events and controversies while minimizing risks and building trust.



Apply ethical standards in all operations,including in dealings with customers,regulators and business partners.