This covers all type of activities performed by the NIPL, in matters related to assessment and certification of client’s management system. NIPL has established a system to identify, analyze, evaluate, treat, monitor, and document the risks, arising out of any conflict of interest of its top management, auditors, certification decision makers, due to its relationship with any organization or business interest, or from the activities of other associated persons, bodies or organizations.
At least once in every 6 months, all potential risks and threats to the impartiality of our assessment and certification process. However in case of any imminent threat or risk, the issue is identified and documented in record by the CEO, even before the scheduled time. The CEO interacts with subject experts and the risk/ threat is analysed, evaluated and appropriate action is taken to neutralize or minimize the risk/ threat. Result of action and result is monitored and associated information is recorded.
To ensure impartiality in its assessment and certification process, NIPL has resolved and established a policy that it shall never establish any subsidiary or any joint venture or any business partnership that may pose an unacceptable threat to impartiality. It has further resolved to not accept applications for assessment & certification from organizations where its auditors or decision makers have any relationship of direct financial interest. After taking action to neutralize or mitigate risk/ threat, the top management reviews, whether any residual risk falls within unacceptable or acceptable risk. If it falls within acceptable threat range, further action is not taken. Monitoring is done and as and when the risk escalates additional action is taken to eliminate the risk.
If even after taking action to contain/ eliminate the threat, it still poses unacceptable risk to our impartiality, the issue is discussed with the Impartiality committee and their advice is recorded in the minutes of the Impartiality committee. The CEO acts upon the recommendations of the impartiality committee. To oversee all issues related to impartiality and to ensure elimination of actual or perceived partiality, NIPL has established a 5 member “Committee for safeguarding Impartiality” commonly called the Impartiality committee. The committee is not employee of NIPL and has supervisory authority over its assessment and certification process.
Members of the Impartiality committee are selected from the civil society and are not employee of the NIPL. The CEO who is the Secretary/ convener of the committee and a nonvoting member, implements the decisions of the committee. Care is taken to ensure that no single group interest shall prevail over the decisions of the committee. The Impartiality Committee meets at least once every 6 months and reviews assessment and certification processes. Those cases where bias is suspected, are investigated in detail. Appropriate action is taken to correct the situation and further management system improvement is done to prevent occurrence of such cases. Any member of the impartiality committee can call a meeting of the impartiality meeting even before 6 months, and call any document/ record for perusal by the committee.
The committee can order revision and addition in Manuals, SOPs work process to eliminate chance of bias, if any. Minutes of the meeting of the impartiality committee is documented and maintained for at least 3 years. The Impartiality committee performs ombudsmen job, and credibility and reputation of the certification body depends on its performance.
A governance-driven approach to ensure objectivity and avoid conflicts of interest.
Nishaj Infosolutions Pvt. Ltd. is a cyber security and compliance consulting company based in India that helps businesses assess, improve, and secure their IT infrastructure, manage risks, and achieve compliance with global standards.
We offer a wide range of services, including:
Vulnerability Assessment and Penetration Testing (VAPT) involves identifying security weaknesses and simulating cyber-attacks on systems to find vulnerabilities before hackers do. It helps organizations strengthen security posture and protect sensitive data.
ISO 27001 is an international standard for information security management systems (ISMS). Nishaj offers advisory, assessment, gap analysis, implementation, and support to help organizations achieve and maintain ISO 27001 certification.
SOC 1 and SOC 2 reports ensure that your organization meets strict standards for controls related to financial reporting (SOC 1) and trust service criteria like security, confidentiality, and privacy (SOC 2). Nishaj provides assessment, implementation support, and reporting services for SOC compliance.
Yes. We provide cyber security consulting, VAPT awareness training, and compliance readiness training to help your team understand threats and strengthen defenses effectively.
Our services are valuable for organizations of various sizes and industries that need to secure their digital assets, comply with regulations, and manage risks — including IT, finance, healthcare, legal, and more.
Simply contact us through our website’s contact form or call us to schedule an initial consultation. A Nishaj expert will connect with you to understand your requirements and propose the best solution.
We offer tailored, cost-effective solutions backed by a strong team of specialists, comprehensive service offerings, and real-world experience in helping businesses improve security posture and compliance.
Yes. We provide flexible engagement models that include remote assessments, on-site services, and hybrid support depending on your needs, ensuring minimal disruption to your operations.
We help global leaders with their organization’s most critical issues and opportunities. Together, we create enduring change and results.
Privacy Policy | © NISHAJ INFOSOLUTIONS PVT. LTD. 2021 All Right Reserved.