Independent cyber security + AI assurance

Independent assurance. Less audit stress.

Evidence-led internal audits and assessments for cyber security and AI governance; producing defensible findings, clear priorities and a practical path forward.

ISO/IEC 27001 Lead Auditor
ISO/IEC 42001 Lead Auditor
JASANZ Technical Expert & Assessor
ASD IRAP Assessor

Free public evidence tool

See what your AI vendor publicly evidences.

Scan public AI disclosures, trust material, certifications, subprocessors and model-provider relationships. See what was found, what remains unclear and which questions deserve deeper review. Automated, point-in-time and based on public sources — not an assurance opinion.

Scan a vendor →

What the scan looks for

  • AI features and disclosed model providers
  • Customer-data training, retention and location claims
  • Certifications, trust material and independent assurance
  • Subprocessors, provider chains and apparent inconsistencies

Why TRUSTYCYBER

Senior, certified and genuinely independent.

Certified lead auditor

Engagements are led and signed off by Andrew Robinson — ISO/IEC 27001 and ISO/IEC 42001 Lead Auditor, JASANZ Technical Expert and ASD IRAP Assessor, with more than two decades in cyber security and assurance.

Traceable findings

Every conclusion links back to the criteria, evidence and professional judgement behind it — defensible under management review or an external certification audit.

Independent by design

Conflicts and prior involvement are assessed before an engagement is accepted. Work is never represented as independent where objectivity cannot be maintained.

How it works

A clear path, fit check to final report.

Five clear steps keep the work proportionate while preserving the testing, judgement and accountability credible assurance requires.

01Check your fit

Tell us the standard, scope, readiness and timing. No documents yet.

02Confirm scope

Agree suitability, independence, evidence handling, price and timetable.

03Open the workspace

Receive a tailored questionnaire and secure evidence request.

04Analyse and clarify

We assess the evidence and ask targeted questions where needed.

05Review and report

A qualified auditor determines the findings and approves the report.

Which assurance path fits?

Use the fit check for a vendor review, solution assurance engagement or ISO internal audit. No evidence is requested at this stage.

Check your fit →