
Certified cybersecurity consulting for ISO 27001, NIS2, DORA and GDPR

iso2700x.com — Certified cybersecurity consultants

As a specialised cybersecurity consultancy for SMEs and mid-market firms, we combine ISO 27001, NIS2 and DORA expertise in one team — powered by our own GRC platform for continuous compliance. Our approach is pragmatic, proven and focused on audit-ready results.

Our Approach
"Outsourcing certification entirely is a dead end. The moment the consultants leave, the ISMS collapses."

That is why we work differently: we guide your team intensively through every phase, transfer real knowledge, and use our platform and templates to make compliance stick — so your organization actually operates at the required security level.

Intensive Co-creation
We work side by side with your team. Every policy and every risk analysis is built together — internal ownership from day one.
Tailored Tools & Templates
64+ policy templates tuned to your sector and risk appetite — no generic copy-paste compliance.
Built to Last
Certification is not the end point. We establish governance structures and improvement cycles so your ISMS continuously grows stronger.
Services

Four focus areas.
One partner.

From our own on-premise GRC Platform to certified ISO 27001 guidance, GDPR compliance and AI Governance — everything under one roof.

02 · ISO 27001 Certification

From gap analysis to certificate — by CISSP-, CISA- and Lead Auditor-certified consultants. Includes NIS2, DORA and vCISO services. We build your ISMS together with your team so it sticks.

ISO 27001:2022 · 4-phase journey
NIS2 duty of care & DORA ICT risk
vCISO / Security Officer as a Service
From €2,500 quick scan · from €28,500 fast-track
03 · GDPR & Privacy

Privacy compliance as a continuous process. Fines up to €20 million. We always start with a Privacy Assessment and deliver an external DPO who really works for your organization — SME+ focused.

Privacy Audit & Records of Processing
DPIAs · data breach procedure within 72h
DPO-as-a-Service (external DPO)
ISO 27701 PIMS · ~70% overlap with ISO 27001
04 · AI Governance & Security

AI systems make decisions that affect people. Without governance: reputational damage, legal liability. We implement ISO 42001, the EU AI Act and test your LLMs via OWASP LLM Top 10.

ISO 42001 AI Management System
EU AI Act risk classification
LLM pentesting · prompt injection
AI policy & NIST AI RMF
GRC Platform

Compliance management.
Your infrastructure.

The iso2700x GRC Platform is the only on-premise GRC solution that combines ISO 27001, NIS2, DORA, GDPR and NEN 7510 in one system — without cloud, without vendor lock-in.

Controls & Risk Register

145 controls per tenant, risk assessments with ownership and treatment plan.

82+ Policy templates

Compli AI drafts tailored policies. Review, versioning and distribution management built in.

25+ Integrations

SIEM, asset management, vulnerability scanners and incident systems connected.

Audit Module

Internal audits, CAPAs, Stage 1 & 2 guidance — fully traceable.

Multi-Tenant & MFA

Fully isolated tenants, JWT + TOTP MFA, role management via AD/LDAP.

Project & Task Management

Assign compliance tasks to owners with deadlines and automatic evidence management.

100% On-Premise · EU-Sovereign
Supported Frameworks
ISO 27001:2022 (93 controls): ISMS · Annex A · Statement of Applicability
NIS2 (17 requirements): Article 21 · Duty of Care · Reporting Duty
DORA (20 requirements): ICT risk management · Operational resilience
GDPR (integrated): DPIA · Records of Processing · Privacy controls
NEN 7510 (healthcare): Information security in healthcare
82+ policy templates · 25+ integrations
No cloud dependency. Your data never leaves your network.
EU Data Sovereignty

Your data in European hands — structurally, not contractually

Data residency and data sovereignty are not the same. We work exclusively with providers that fall entirely under European jurisdiction. No foreign authority can compel access to your data through a court order.

No CLOUD Act exposure
Our suppliers fall entirely outside the scope of US extraterritorial legislation.
GDPR by Design
Processing and storage exclusively within the European Economic Area, in line with GDPR requirements.
Legally enforceable control
Technically and legally, access to your data is only possible within EU jurisdiction.
Open standards, no lock-in
Docker-based, portable architecture. Freedom to act when legislation changes.
Data residency ≠ data sovereignty. Location alone is no guarantee — control over the provider is.
Approach

From baseline to certificate in 4 phases

1. Baseline Assessment: gap analysis vs. ISO 27001:2022 and a priority report for management. (~1 week · from €2,500)
2. ISMS Implementation: risk analysis, Statement of Applicability, 93 controls and policies via the GRC Platform. (4–6 months)
3. Certification: internal audit, management review and guidance for Stage 1 & Stage 2. (External certification audit)
4. Continuous Management: surveillance audits, re-certification and vCISO services for continuous improvement. (Annual maintenance)
Transparent Investment

ISO 27001 journeys

Clear packages, no hidden costs. All prices excl. VAT.

Step 1: Baseline Assessment · from €2,500 excl. VAT · turnaround 1 week
Baseline vs. ISO 27001:2022
Gap analysis — 93 controls
Priority report for management
Timeline to certification
Extended: ISO 27001 + GRC Platform · custom pricing excl. VAT · 6–9 months
Full GRC Platform deployment
Wazuh / GLPI / Ansible integration
Staff training & awareness
Supplier assessment
1 year post-certificate maintenance

Ready for the next step in information security?

Schedule a no-obligation consultation and discover how we guide your organization to ISO 27001, NIS2, DORA and GDPR — with our own GRC Platform.