Certifications Roadmap

We are building Cognistase to meet the highest certification standards from day one. Rather than seeking certifications retroactively, we implement the requirements during development so that formal certification is a confirmation of existing practices, not a scramble to comply.

Current status

Our architecture is compliance-ready. We implement encryption, access control, audit logging, incident response, and data governance practices that meet or exceed the requirements of ISO 27001 and NEN 7510. Independent security assessments validate our controls.

Year 1: ISO 27001 and NEN 7510

Our first certification targets are ISO 27001 (international information security management) and NEN 7510 (Dutch healthcare information security). These certifications establish the baseline security framework that healthcare and education organizations require from their vendors.

Year 2: CE Marking and SOC 2

In our second year, we target CE Marking under the EU AI Act to formally certify our AI system compliance, and SOC 2 Type II to provide independent assurance of our security, availability, and confidentiality controls over time.

Audit reports

When certification audits are completed, summary reports will be available to customers under NDA. We believe in transparency about our security posture.