Category:Standards

I have implemented ISO27001, ISO9000 and CyberEssentials certification, and have helped organisations meet ETSI TS 103 645 (which is consumer IoT security).

A more bizarre certification is the US ITAR or International Traffic in Arms Regulations. I have helped several US organisations become compliant with this munitions list, and many more organisations to evade it altogether. The ITAR arose from historical efforts to control what software countries other than the US had, which was and remains an impossible and pointless exercise. Nevertheless these regulations are very real and at times they are enforced.