Implementation, audit-readiness, and ongoing assurance for the information security and data protection frameworks that govern regulated industries.
ISO/IEC 27001 & 27701 Certified · TSE Class A · CREST International Member
Gap analysis, ISMS design, statement of applicability, risk treatment, internal audit, and certification-readiness for ISO/IEC 27001:2022.
PIMS extension to ISO 27001 — controller and processor controls aligned with GDPR and KVKK requirements.
Implementation and assessment against NIST SP 800-53, 800-171, 800-218 (SSDF), and the NIST Cybersecurity Framework (CSF) 2.0.
Governance, risk, and impact-assessment frameworks for organisations developing or deploying AI systems. Aligned with the EU AI Act.
Article-by-article readiness for EU financial entities: ICT risk management, third-party register, incident reporting, and threat-led penetration testing (TLPT).
Certification preparation for the U.S. Department of Defense supply chain — Level 1, Level 2, and Level 3 readiness assessments.
Full lifecycle KVKK programme implementation, VERBIS registration, and supervisory authority engagement support.
GDPR programme implementation, DPO advisory, cross-border data transfer mechanisms.
Sertifikasyon ve Akreditasyon Kuruluslari