by mlitwiniuk 147 days ago
No, we don't do audits — and that's intentional. I think there's a conflict of interest when the same company advises you on compliance and then certifies you. Incentives get weird.

The good news: there are plenty of EU-based ISO 27001 audit firms. We can recommend one or two if you need a pointer — we just don't have a formal catalogue or marketplace for that yet (though it's on my list).

So you'd use Humadroid for the preparation - policies, controls, evidence, risks, continuity plans, ISMS workbook - and then bring in an independent auditor for certification.

1 comments

They also do not carry out the audit themselves (for the same reason) but they do all the legwork for you. Huge benefit imo.
Makes sense. We're working toward making the auditor connection easier on our end too. Not there yet, but it's on the roadmap.
Great, I’ll keep an eye on you guys