Client’s Confidentiality
Management

Service > Confidentiality

Client Coverage
and Confidentiality Commitments

This covers all categories of clients who have signed contract for audit and certification with NIPL. To inspire trust in the certification body, NIPL has established legally enforceable agreements with individuals, committees and external bodies (if any) and individuals working on its behalf, which binds them to maintain confidentiality of the information obtained or created during the performance of audit and certification activities.

small-circle

Policy on Client Information Confidentiality

Client related all information excepting those that has been made publicly accessible by the client, are treated as confidential. NIPL has informed its clients in advance about the type of their information, that the CB intends to place in public domain. Confidential information required to be made available to interested parties (e.g. Legal or regulatory authorities) under ISO 17021-1:2015 standard, are disclosed on the basis of Certification contract signed by the client.

Confidential information of client required to be disclosed to Govt. authorities as per their written request, is disclosed to them, and the client is informed about the information shared with legal authorities, unless prohibited by law. Confidential information of clients other than those described above, are not disclosed to any one without getting written consent / permission from the client. Information about the client received from sources other than the client (e.g. complainant, regulators) are treated as confidential. Record of Such information and of subsequent action if any, is retained in the clients audit file.

privacy

NIPL has made its Personnel, including any committee members, contractors, personnel of external bodies or individuals acting on the certification body’s behalf, legally bound to keep confidential all information obtained or created during the performance of the certification body’s activities. NIPL takes prior permission from its clients as per its audit & certification contract signed by the Client, regarding possible sharing of their Confidential information contained in audit reports/ file, with certification related regulatory bodies, if any.

Our Process
Simple, Seamless, Streamlined

A controlled approach to safeguard sensitive information and client data.
  • Information classification and access control
  • Secure handling and storage practices
  • Confidentiality agreements enforcement
  • Periodic compliance monitoring
Know More

Free Requirements Analysis

    FAQ

    What is Nishaj Infosolutions Pvt. Ltd.? arrow

    Nishaj Infosolutions Pvt. Ltd. is a cyber security and compliance consulting company based in India that helps businesses assess, improve, and secure their IT infrastructure, manage risks, and achieve compliance with global standards.

    What types of services does Nishaj Infosolutions offer? arrow

    We offer a wide range of services, including:

    • Cyber security testing (Vulnerability Assessment & Penetration Testing)
    • ISO 27001 implementation and advisory services
    • SOC 1/SOC 2 compliance and audit support
    • Infrastructure security testing
    • CISA audit and consulting services, and other security, compliance, and IT risk management solutions.

    What is VAPT and why is it important for my business? arrow

    Vulnerability Assessment and Penetration Testing (VAPT) involves identifying security weaknesses and simulating cyber-attacks on systems to find vulnerabilities before hackers do. It helps organizations strengthen security posture and protect sensitive data.

    What is ISO 27001 and how can Nishaj help with it? arrow

    ISO 27001 is an international standard for information security management systems (ISMS). Nishaj offers advisory, assessment, gap analysis, implementation, and support to help organizations achieve and maintain ISO 27001 certification.

    How does SOC 1/SOC 2 compliance support my business? arrow

    SOC 1 and SOC 2 reports ensure that your organization meets strict standards for controls related to financial reporting (SOC 1) and trust service criteria like security, confidentiality, and privacy (SOC 2). Nishaj provides assessment, implementation support, and reporting services for SOC compliance.

    Do you offer consulting or training on cyber security best practices? arrow

    Yes. We provide cyber security consulting, VAPT awareness training, and compliance readiness training to help your team understand threats and strengthen defenses effectively.

    Which industries can benefit from your services? arrow

    Our services are valuable for organizations of various sizes and industries that need to secure their digital assets, comply with regulations, and manage risks — including IT, finance, healthcare, legal, and more.

    How do I get started with a security assessment or compliance project? arrow

    Simply contact us through our website’s contact form or call us to schedule an initial consultation. A Nishaj expert will connect with you to understand your requirements and propose the best solution.

    What makes Nishaj different from other cyber security service providers? arrow

    We offer tailored, cost-effective solutions backed by a strong team of specialists, comprehensive service offerings, and real-world experience in helping businesses improve security posture and compliance.

    Can you support remote and on-site security engagements? arrow

    Yes. We provide flexible engagement models that include remote assessments, on-site services, and hybrid support depending on your needs, ensuring minimal disruption to your operations.

    We help global leaders with their organization’s most critical issues and opportunities. Together, we create enduring change and results.

    Services

    Get in Touch

    Follow Us

    Facebook Linkedin Instagram

    Find Our Location

    Privacy Policy  |     © NISHAJ INFOSOLUTIONS PVT. LTD. 2021 All Right Reserved.