Organisations preparing for ISO 27001 certification, SOC 2 Type I or Type II reports, or responding to customer assurance requirements that demand formal certification. Common for SaaS companies, financial services firms and government suppliers.
Service
Get certification-ready without the consulting bloat.
A focused readiness sprint that prepares your governance, evidence and control operation for certification — whether that's ISO 27001, SOC 2, or both. We help you build what auditors actually need to see, not a library of policies nobody reads.
Typical focus areas
- ISMS design and control ownership
- Risk assessment and treatment planning
- Statement of Applicability support
- Audit evidence preparation
- Supplier and access governance
- Policy and procedure gap analysis
- Internal audit readiness
What you receive
- Readiness gap assessment
- Evidence matrix mapped to controls
- Policy and procedure uplift list
- Audit preparation roadmap
- Executive status report
- Auditor liaison support
4–8 weeks for readiness assessment and preparation. Full certification support timelines depend on scope and auditor scheduling.
Ready to start?
Book a briefing to discuss scope and approach.
We'll give you a straight read on what's involved, what it costs, and whether it makes sense for your situation.