Tuesday, May 16, 2023

ISO 27001 information security systems consulting, training and certification by Gravity Standards





___________________________________________________________

Get ISO 27001:2022 Information Security Certification for your Organization


What is ISO/IEC 27001:2022?

Title of the standard: Information security, cybersecurity and privacy protection - Information security management systems - Requirements




The ISO 27001:2022 standard specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the organization. It includes requirements for the assessment and treatment of information security risks by applying the necessary controls defined in Annex A of the ISO 27001 standard.


Why get ISO 27001:2022 certification?


➤Protect your customers' confidential and personal data.

➤Have information and cyber security controls in place.

➤Boost your customers' confidence and trust in your information systems.

➤Gain a competitive edge, get more customers and expand your business.

➤Comply with customer/legal/regulatory requirements.

➤Suitable for any business sector, especially Information Technology/Software Companies, Banks, R&D, Pharmaceutical, Government Organizations and Manufacturing Sectors.


What does Gravity Standards do to help you get ISO 27001:2022 certification?


We provide consultancy in online/onsite mode, covering the following tasks:

1) Gap Analysis

2) Preparation of ISMS Manual, policies  and procedures.

3) ISO 27001 Awareness training 

4) Implementation review/Follow up review

5) Internal audit as per ISO 27001

6) Guidance to close the deviations found in the internal audit

7) Guidance to complete the certification audit successfully


We are competent (qualified lead auditor) in the ISO 27001:2022 standard.

We have completed ISO 27001 projects successfully and our clients have achieved the required ISO 27001 certification.


Internal Auditor Training ISO 27001:2022 

We provide online/onsite internal auditor training as per the ISO 27001:2022 standard. This internal auditor training course provides participants with the knowledge and skills to perform internal audits of information security management systems (ISMS) based on ISO 27001:2022. We issue certificates to the participants.


Internal Audit for ISO 27001:2022

We conduct online/onsite internal audits of organizations as per ISO 27001:2022 requirements.

We identify the gaps, nonconformities and improvement points and report them to the relevant organizational members or top management to improve the systems.

We can conduct this internal audit as per client requirements:

1) before the initial certification audit

2) after receipt of the ISO 27001 certificate, on a routine basis (for example, once a month) to monitor the status of the ISMS.

_______________________________________________________

Giridhara S | Chief Executive Officer | Gravity Standards
No-5, Kutralam Nagar, Kovaipudur, Coimbatore 641 042. 
Tamil Nadu, India. 
+91 944 22 48124   +91 6381 889 582
Email1:  607014@gmail.com ;
Email2: info@gravitystandards.com
www.gravitystandards.com

_________________________________________________________

We improve your standards


Company Profile Gravity Standards



Information Updated as on 12-June-2024


  1. INTRODUCTION

We provide consultancy and training for implementing the following International Standards effectively in our clients' organizations:

  • ISO 27001, TISAX, SOC2 & GDPR compliance
  • ISO 20000
  • CMMI
  • IATF 16949 
  • VDA 6.3
  • ISO 9001
  • IMS
  • ISO 14001
  • ISO 45001
  • ISO 13485
  • AS9100
  • ISO 17025/NABL
  • ISO 31000
  • ISO 22000
  • ISO 50001
  • Six Sigma Green Belt & Black Belt 

We have implemented various management system standards with dedication and passion for 32 years.

We are happy and proud to work in the profession of Quality, Environment and Safety standards.

We have successfully completed 200+ consulting projects in quality, environment and safety certifications.

We have trained and certified about 900+ internal auditors for various standards during this period.

We have worked smart and hard, and have seen our clients' systems and processes transform from poor to excellent.

The information in this blog is intended for our clients and for others who want to know more about the Total Quality Management (TQM) system and our services.

All the standards implemented for quality, environment, safety and information security come under Total Quality Management (TQM).

Most of these TQM standards are published by the International Organization for Standardization (ISO). Refer to: https://www.iso.org

  2. ABOUT US

Our consulting services were started in 2005 by our Chief Executive/Chief Consultant, S.Giridhara. He is a graduate mechanical engineer and has 29 years of industrial and consultancy experience in implementing TQM concepts. He has guided about 200+ clients in implementing ISO 9001, IATF 16949, ISO 27001, ISO 20000, SOC2, VDA 6.3, TISAX, ISO 14001, ISO 45001, ISO 13485, AS9100, ISO 17025, ISO 22000, six sigma projects and TQM principles. He is a Qualified Lead Auditor for QMS-ISO 9001:2015. He is a qualified internal auditor for IATF 16949:2016, EMS-ISO 14001:2015, OHS ISO 45001:2018, AS9100D, ISO 27001 and ISO 13485. He is a Qualified Six Sigma Black Belt from the Indian Statistical Institute (ISI).

He has qualified as an assessor for CMMI-DEV 1.3.

In addition to him, we have a team of trained faculty and consultants to handle the training programs and consultancy projects.

Our company is located in Coimbatore, Tamil Nadu, in the southern part of India.

  3. CONSULTANT PROFILE

Year of establishment: 2005

Consulting project work experience: 19 years

Industrial QA and project management work experience: 13 years

Total experience in implementing systems and standards: 32 years

We possess the following certificates from recognised international bodies:  

  1. Qualified ISO 9001:2015 Lead auditor Certificate  

  2. Qualified ISO 27001:2022 Lead Auditor Certificate

  3. Qualified ISO 20000-1:2018 Lead Auditor Certificate

  4. Qualified IATF 16949:2016 Internal Auditor Certificate

  5. Qualified internal auditor for IMS (ISO 9001:2015, ISO 14001:2015, ISO 45001:2018) Certificate

  6. Qualified AS9100D Internal Auditor Certificate

  7. Qualified Six-Sigma Black Belt Certificate.

  8. Qualified  Assessor/trainer for CMMI DEV 1.3 (certificate)

  9. Qualified ISO 13485:2016 internal auditor Certificate


4.0 OUR SERVICES-AT A GLANCE  

4.1 We provide the following consultancy activity:

  • ISO 20000    : 2018  IT service Management

  • ISO 27001    : 2022 IT security Management  & GDPR compliance        

  • SOC2 : Service organization control-Type2

  • TISAX : Information security for Manufacturing

  • CMMI-DEV   : 1.3 Capability Maturity Model for software Development

  • IATF 16949   : 2016 Quality Management System (QMS for Automotive Sector)

  • VDA 6.3 : 2016 Process audit requirements
  • ISO 9001      : 2015  Quality Management System (QMS for all sector)
  • ISO 13485    : 2016 QMS for Medical Devices

  • AS9100D     : QMS for Aerospace Sector

  • ISO 14001    : 2015 Environmental Management System (EMS)

  • ISO 45001    : 2018 Occupational Health & Safety Management System (OHSMS)

  • ISO 22000    : 2018 Food Safety Management (ISO & FSSC)

  • ISO 17025/NABL : 2017 QMS for Laboratory

  • IMS               : Integrated Management System (implementing multiple standards)

  • ISO 50001    : 2018 Energy Management


4.2 Number of projects completed successfully 

We provided consultancy in the role of chief consultant/team leader for obtaining the following certifications (successfully completed projects):

| SL | Standard | Number of projects completed |
|----|----------|------------------------------|
| 1 | ISO 9001 Quality Management System (QMS) | 134 |
| 2 | IATF 16949 Quality Management System - QMS for Automotive sector | 28 |
| 3 | VDA 6.3 process audit requirements | 4 |
| 4 | ISO 20000 IT service Management | 1 |
| 5 | ISO 27001 Information Security Management System (ISMS) | 8 |
| 6 | AS9100D Quality Management System - Aerospace and defense | 1 |
| 7 | ISO 14001 Environmental Management System (EMS) | 9 |
| 8 | ISO 45001 OHS Safety Management System | 11 |
| 9 | Integrated Management System (ISO 9001+14001+45001+IATF) | 16 |
| 10 | ISO 17025 (NABL accreditation for Labs) | 2 |
| 11 | ISO 13485 Medical QMS | 2 |
| 12 | FSSC 22000 (ISO 22000 + HACCP + PRP/ISO/TS 22002) | 2 |
| | Total | 218 |

 4.3  We have provided the following training to our client members...

  • Internal Auditor Training for ISO 9001:2015

  • Internal Auditor Training for IATF 16949:2016

  • Internal Auditor Training for ISO 14001:2015

  • Internal Auditor Training for ISO 45001:2018

  • Internal Auditor Training for AS9100D

  • Internal Auditor Training for ISO 27001:2022

  • Internal Auditor Training for ISO 20000-1:2018

  • Internal Auditor Training for ISO 13485:2016

  • Internal Auditor Training for IMS (Integrated Management Systems)

  • ISO 31000:2018 Risk Management Implementation Training

  • CMMI Implementation Training

  • APQP (Advanced Product Quality Planning)

  • PPAP (Production Part Approval Process)

  • FMEA (Failure Mode and Effects Analysis)

  • SPC (Statistical Process Control)

  • MSA (Measurement System Analysis)

  • Six-Sigma Green Belt and Black Belt Certification Training for employees 

  • Total Quality Management (TQM)

Number of internal auditors who successfully completed training and were issued certificates: 900

4.4 Qualifying methods/Exams for Internal auditors

We conduct a written exam for participants at the end of internal auditor training. Each participant writes this exam independently.

We evaluate and qualify the successful participants. Successful participants become the qualified internal auditors for the client.

4.5 SECTORS COVERED 

We have provided consultancy in the following sectors:

4.5.1 Manufacturing/Production sector covered  

  • Machining

  • Automobile parts

  • Electrical/Pumps

  • Wire and cables

  • Steel Castings

  • Cast Iron castings

  • Die castings

  • Forgings

  • Fasteners

  • Heat treatment

  • Jewelry Making Machines

  • Tool Holder Manufacturer

  • Tool and Die Manufacture

  • Textile Machine assembly units

  • Garment manufacturing units

  • Food Production (Coffee/Tea Powder manufacturing, chicken processing units)

  • Injection Molding

  • Blow molding

  • Roto molding

  • Continuous Process Industry/Chemical Industry

  • Electronics

  • Design and development

  • Electroplating

  • Powder coating

  • Anodizing

  • Aluminium/welding/sheet metal fabrication

  • pressed components

  • Machinery manufacture/Machine assembly

4.5.2 Service sectors covered  

  • Software development/IT/BPO/AI/ML/ITSM

  • Education (schools, engineering colleges, science, commerce and arts colleges) 

  • Tourism

  • Trading

  • Hospitals

  • Logistics

  • Construction

  • We have covered government and private companies. 

  • We have covered Limited, private limited, partnership and proprietor companies

4.5.3 Government Sector Covered

  • State Government-TWAD Board-Quality Control Lab-Coimbatore (ISO 9001 and ISO 17025 consulting)

  • State Government-TWAD Board-Quality Testing Lab-Madurai (ISO 17025 consulting)

  • State Government -Higher secondary school (ISO 9001)

4.6 Documentation and implementation process

We are competent in the following documentation/processes/methods. We train and guide our customer team to prepare/practice these documents/concepts/methods.

+Vision, Mission, Policy and Objectives 

+Business Plans & strategic plans

+Process Mapping documents/Process Maps/Process flow diagrams

+Turtle Diagrams

+Organization charts & Responsibility & authority document

+Quality Manual for QMS

+Environmental System Manual for EMS

+Safety Manual for OHSMS

+Integrated Manual (combined manual for multiple standards)

+Supplier Quality Manual

+Procedures Processes-wise or activity-wise

+Risk assessment study for QMS

+Procedures-Department-wise/function-wise

+Process Modules

+Aspect-Impact study for EMS

+HIRA study for OHSMS

+GAP analysis reports

+SWOT analysis report

+HACCP document-For food safety

+GMP Document-for food safety

+Contingency Plans

+Continual improvement project/case study reports

+Application of statistical techniques and tools

+Six-Sigma project documentation/case study reports

+Check sheets/inspection reports

+Data collection sheets

+Various records required to comply with the standard's requirements

+Process routing card

+Sampling Plan

+Work instructions/Operation standards/Standard Operating Procedures (SOPs)/Operation Control Procedures (OCPs)

+Process Flow charts

+Quality Plans/Control Plans

+APQP

+PPAP

+Design FMEA (DFMEA)

+Process FMEA (PFMEA)

+MSA study reports

+SPC Control Charts

+SPC Process capability study reports

+MTBF Analysis

+MTTR Analysis 

+Change Management (Engineering changes and Process changes/4M changes)

+Risk Assessment Reports for QMS, EMS, OHSAS and information security 

+Contingency Planning and Abnormality Handling 

+Configuration Management & Obsolete Parts Management

+Aspect Impact study for EMS

+HIRA for OHSMS

+Process qualification/validation reports

+HACCP (for food safety)

+Good Manufacturing Practices (GMP) (for food safety)

+Overall Equipment Effectiveness (OEE)

+Cost of Poor Quality (COPQ)

+Kaizen

+Poka-yoke/Mistake Proofing

+Skill Mapping/Skill Matrix

+Post training evaluation methods

+Product NC reports/8D/CAR/CAPA/Problem solving methods

+Emergency Evacuation Map

+Legal register

+5s Sign boards and yellow line markings

+Internal Auditing and Internal audit reports for various standards 

+Objectives/Process Measures/KPIs/Performance Indicators 

+Objective trend charts/graphs

+Management review & Minutes 

+Format templates for these TQM tools/concepts

5. INTERNAL AUDITING PROCESS 

We provide internal auditor training to our client members, and we certify those participants who successfully complete the training program through a written exam. We also conduct an internal audit of our client's management system/processes before the certification audit. The client's internal auditors are observers during this internal auditing process.


6. CERTIFICATION AUDIT

6.1 Impartiality in certification audit process

We ensure impartiality and independence in the certification process.

We are independent of the certification body's processes. We have vast experience with many certification bodies operating around the world.

We aren't involved in the selection of the certification body. Normally the certification body is selected by our clients based on its merits and demerits. We aren't involved in the certification process.

We don't participate in (or observe) the certification audit. We neither present documents/records to the certification body's auditors nor pressure the auditors to alter certification audit findings. This policy ensures impartiality and independence in the certification process as per ISO 17021.

6.2 Accreditation vs Certification process

We should be very clear about the difference between “accreditation” and “certification”.

“Accreditation” and “certification” are two different things. The certification body is not an accreditation body. The certification body is a competent body that issues ISO 9001 certificates to organizations meeting the requirements of the ISO 9001 standard, whereas the accreditation body is a body that monitors, regulates and controls the certification activity.

Certification bodies should be registered with an IAF MLA recognized accreditation body.

To ensure recognition, the accreditation body must have an agreement with the IAF (International Accreditation Forum).

This agreement is called the “MLA” (Multilateral Agreement).

IAF is an association of accreditation bodies operating in many parts of the world.

The secretariat of IAF is located in Australia. A certificate issued by the certification body is valid world-wide if it is issued through the IAF-MLA chain.

A certificate issued to a client (organization) by a certification body that does not come under this accreditation chain is considered invalid.

If a certificate issued by a certification body does not have an accreditation logo mark, then such a certificate is not a recognized one.

There are many unauthorized accreditation bodies and certification bodies issuing ISO 9001 certificates without the approval of IAF-MLA.

Such certificates are called unaccredited certificates or “fake” certificates.

The accreditation logo mark on the certificate ensures the validity/approval/recognition of an ISO 9001 certificate in the market.

A certificate without an accreditation logo mark is treated as an unauthorized certificate. The public and purchasers/customers of a product/service should be well aware of this accreditation process.

As per the IATF 16949:2016 automotive standard, IATF 16949:2016 certified organizations (or those applying for a new IATF 16949:2016 certificate) must use suppliers having a valid ISO 9001:2015 certificate. Suppliers must obtain the ISO 9001:2015 certificate from an IAF MLA recognized certification body. If a supplier has an ISO 9001:2015 certificate from an unaccredited (unauthorized) certification body, then it is a nonconformity to the IATF 16949:2016 standard. This nonconformity is issued by the IATF 16949 organization.

Normally, the country's standardizing body is accredited with IAF.

To know more about accreditation bodies coming under IAF MLA please go through the link : https://www.iaf.nu

7. CONFIDENTIALITY COMMITMENT

We practice strict confidentiality policies. 

We do not disclose to anybody any information/data that is confidential in nature, such as a client's financial information, customer details, supplier details, employee details, equipment used, processes, products, projects, technology, documents, trade secrets or personal information.

8. CONTACTS 

S.GIRIDHARA

CEO 

Gravity Standards

Mobile : +919442248124,  +916381889582

5, Kutralam Nagar, Kovaipudur, Coimbatore 641042, Tamil Nadu, India.

website : https://www.gravitystandards.com/


email : 607014@gmail.com

