ISO/IEC Certification Audits and Assessments; we are ready when you are! Call +1 (888) 896-7580 today.

The professionals at Lazarus Alliance are completely committed to you and your business’ ISO 27000 certification audit (27001, 27017, 27018, and 27701) ISO 9000 certification audit (9001 and 90003), and others. Regardless of whether you represent the private sector or the public sector, we stand ready to partner with your organizations. Our competition may want to keep you and your employees in the dark where security, risk, privacy, and governance are concerned, hoping to conceal their methodology and expertise. We don’t prescribe to that philosophy. We believe the best approach is transparent and built on a partnership developed on trust and credibility, creating sustainability within your organization.

ISO/IEC 27001 provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security Management System (ISMS).

ISO/IEC 27001 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

Learn more ..

ISO/IEC 27017 is a unique technology standard in that it provides requirements for the customer as well as the cloud service provider.

ISO/IEC 27017 gives guidelines for information security controls applicable to the provision and use of cloud services by providing additional implementation guidance for relevant controls specified in ISO/IEC 27002 and additional controls with implementation guidance that specifically relate to cloud services. ISO/IEC 27017 provides controls and implementation guidance for both cloud service providers and cloud service customers.

Learn more ..

ISO/IEC 27018 is a unique information technology code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
ISO/IEC 27018 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. In particular, ISO/IEC 27018 specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the protection of PII which can be applicable within the context of the information security risk environment(s) of a provider of public cloud services. ISO/IEC 27018 is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which provide information processing services as PII processors via cloud computing under contract to other organizations. ISO/IEC 27018 can also be relevant to organizations acting as PII controllers. However, PII controllers can be subject to additional PII protection legislation, regulations and obligations, not applying to PII processors. This document is not intended to cover such additional obligations.
Learn more ..
ISO/IEC 27701 is a privacy extension to ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls.
ISO/IEC 27701 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization. ISO/IEC 27701 specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing. ISO/IEC 27701 is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors processing PII within an ISMS.
Learn more ..
ISO 22301 specifies the requirements for a management system to protect against, reduce the likelihood of and ensure your business recovers from disruptive incidents.
ISO/IEC 22301 specifies the requirements for a management system to protect against, reduce the likelihood of, and ensure your business recovers from disruptive incidents. ISO/IEC 22301 specifies requirements to implement, maintain and improve a management system to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise. The ISO/IEC 22301 requirements specified are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization's operating environment and complexity.
Learn more ..
ISO/IEC 9001 Quality Management sets out the criteria for a quality management system and is the only standard in the family that can be certified to.
ISO/IEC 9001 Quality Management sets out the criteria for a quality management system and is the only standard in the family that can be certified to. It can be used by any organization, large or small, regardless of its field of activity. The ISO/IEC 9001 is based on a number of quality management principles including a strong customer focus, the motivation and implication of top management, the process approach and continual improvement. Using ISO/IEC 9001 helps ensure that customers get consistent, good-quality products and services, which in turn brings many business benefits.
ISO/IEC 90003 Software engineering - guidelines for the application of ISO 9001 to computer software provides guidance for organizations in the application of ISO/IEC 9001 to the acquisition, supply, development, operation and maintenance of computer software and related support services.
ISO/IEC 90003 Software engineering - guidelines for the application of ISO 9001 to computer software provides guidance for organizations in the application of ISO/IEC 9001 to the acquisition, supply, development, operation and maintenance of computer software and related support services. Organizations can consider it useful to implement the guidelines in the ISO/IEC 90003 and can be interested in knowing whether the resultant quality management system is compliant or not with the ISO/IEC 90003. An organization can use both the ISO/IEC 90003 and ISO/IEC 9001 as assessment criteria for quality management systems in the software domain.
ISO 30141 Internet of Things (IoT) examined and certified by Lazarus Alliance
ISO/IEC 30141 Internet of Things (loT) - IoT can be integrated into existing technologies. Real-time measurements generated by adding sensors to existing technology can improve its functionality and lower the cost of operations (e.g. smart traffic signals can adapt to traffic conditions, lowering congestion and air pollution). The data generated by IoT sensors can support new business models and tailor products and services to the tastes and needs of the customer. In addition to the applications, the technology needs to support the supervision and adaptation of the IoT system itself. An organization can use both the ISO/IEC 27018 and ISO/IEC 30141 as assessment criteria to establish commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with Internet of Things (loT) systems.
ISO Audit and Assessments; we are ready when you are! Call +1 (888) 896-7580 today.
ISO/IEC 42001 is an international standard that specifies requirements for establishing, implementing, maintaining, and continually improving an Artificial Intelligence Management System (AIMS) within organizations. It's designed for entities providing or utilizing AI-based products or services, ensuring responsible development and use of AI systems.

Comprehensive ISO/IEC Pre-Assessment and Certification Audit Services

Once a company has made the decision to enlist a third party to provide a service, they want assurances that those services will be provided timely, accurately, and securely. A ISO 27000 certification audit shows your commitment to maintaining a sound control environment that protects your client’s data and confidential information.

Contact us for more information

Lazarus Alliance’s ISO can provide an early stage gap analysis to determine what pieces of your ISMS are in place or what pieces are missing before you move forward to an informal pre-assessment or to the formal certification audit. The gap analysis is ideal for organizations who are in the process of finalizing their ISMS.
Lazarus Alliance’s ISO can provide a review of your ISMS and its operation essentially as a preview for the future audit. As part of this work, Lazarus Alliance will do a document review and interview employees and other key constituents. The pre-assessment’s objective is to seek the degree of conformance of your system to the ISO standard and provide a readiness level for the actual certification audit.

What to Expect

Through the successful completion of hundreds of audits around the world for organizations of all sizes, Lazarus Alliance has developed an efficient methodology and proprietary assessment protocols to evaluate the controls in place at your organization.

Differentiate yourself from your competitors by providing independent verification that your information security management system has met the requirements of this globally-recognized information security standard.

Certificates issued are valid for a three-year term, during which time observation audits and certification maintenance is periodically performed. Lazarus Alliance assessors conduct brief onsite reviews to ascertain if any material changes have been made to the ISMS as well as perform limited testing.

Certificate Directory

Lazarus Alliance maintains a public register for all certificates issued by the certifying body. The purpose of this registry is to enable third parties, who are in receipt of a certificate, to validate the legitimacy and currency of the document without having to contact a Lazarus Alliance representative.

We want to be your partner and ISO certification provider of choice! For additional information, please call 1-888-896-7580.