ISO 27001:2022, recertification-friendly.
The world's most-asked-for security certification — built into tecsxpert as a first-class program. Annex A controls, SoA management, internal audit calendar, surveillance and recertification automation.
An ISO 27001 program, not a checklist.
Annex A:2022 — all 93 controls
Organizational, people, physical, technological. Each control comes with a default policy, owner template, and evidence collector.
Statement of Applicability
Live SoA generated from applicability decisions. Justifications, exclusions, control selection — versioned and signed.
Internal audit calendar
ISO 19011-aligned audit planning, sampling, walkthroughs, finding management, management review packs.
Risk treatment
Risk register with treatment plans, residual risk tracking, board-level acceptance workflows.
Surveillance & recertification
3-year cycle automation. Delta-aware change packs. Cert body coordination from inside the platform.
Crosswalks built in
Every Annex A control is mapped to SOC 2, DPDP, GDPR, HIPAA, PCI and NIST. Evidence flows everywhere it should.
From kickoff to certificate — fast.
Most Managed GRC customers close ISO 27001 stage 1 audit within 90 days of kickoff, and stage 2 within another 60. Self-service customers run the same playbook — at their own pace.
From scoping to certificate.
30-minute walkthrough on your real stack. No slideware. Bring your AWS account or GitHub org if you want to see live findings.