Services
Independent assurance for security and AI governance.
Internal audits against ISO/IEC 27001 and ISO/IEC 42001, designed to produce defensible findings, clear priorities and less disruption to your team.
ISO/IEC 27001 Lead Auditor
ISO/IEC 42001 Lead Auditor
JASANZ Technical Expert & Assessor
ASD IRAP Assessor
Current services
Choose the assessment that fits.
Each service answers the same four questions so you can decide quickly. More cyber and AI assessments will be added here over time.
Good fit / Not a fit
Is this the right kind of work for you?
Good fit
Not a fit
Maturity
The system or control environment already exists
The system is not built yet
What you want
An audit or assessment, not implementation
Urgent rescue or remediation consulting
Evidence
Evidence is mostly digital and can be shared
Physical inspection is central to the work
Delivery
A remote-first review suits the engagement
Special evidence handling must be agreed before starting
Compare
Different systems. The same assurance discipline.
ISO/IEC 27001
ISO/IEC 42001
Management system
Information security management system
AI management system
Typical objective
Internal assurance, audit programme coverage or certification preparation
Internal assurance, governance confidence or certification preparation
Core evidence
Scope, SoA, risk treatment and operating controls
Scope, SoA, AI risks, impacts and operating controls
Outcome
Traceable findings and sequenced priorities
Traceable findings and sequenced priorities
Clear boundaries
What is not included.
Certification
TRUSTYCYBER does not issue certificates or make certification decisions.
Implementation within the audit
The audit does not include designing or implementing the system being assessed.
Automated conclusions
Technology may assist the analysis. It does not determine final findings.
Open-ended consulting
Each engagement has an agreed scope, criteria, method and deliverable.
Not sure which assessment applies?
The fit check takes about two minutes and asks for no documents.