Committed to Impartiality in Certification Activities

We define threats to impartiality as any relationship that could compromise our independence or perceived impartiality. These relationships include ownership, governance, management, personnel, shared resources, finances, contracts, marketing, and sales commissions for client referrals.

We conduct ongoing reviews and annual assessments to identify, analyze, and resolve conflicts of interest and threats to impartiality among prospects, clients, and personnel. Our leadership ensures compliance through management reviews, monitoring tools, internal audits, and risk assessments.

Prescient Security adheres to independence requirements set by organizations like the American Institute of Certified Public Accountants, ISO 17021:2015, ISO 17020:2012, FedRAMP, and HITRUST. We do not provide management system consultancy, internal audit services, or have financial interests in other certification or consultancy firms.

To maintain and demonstrate impartiality, we have established the following principles:

• Prescient Security Certificates are issued only after an independent, authorized, and competent member of the management team, who has not been involved in the audit, reviews and ensures that no interests predominate.
• We do not offer management system consultancy or any other form of consultancy to companies or individuals, for any ISO standards.
• Internal audit services are not provided to our certified clients.
• We do not own or have any interest, financial or otherwise, in any other company that offers certification or management system consultancy services.
• Prescient Security does not establish or maintain relationships with companies that offer consultancy or other services that could impact the certification services provided by Prescient Security.

Any proposed relationship with another company undergoes a risk assessment by the Impartiality Risk Group before formalization. Current relationships are regularly risk-assessed to ensure they do not affect the certification process's impartiality.

Individuals employed by or contracted to Prescient Security must document and disclose their current and past relationships with all companies. Any potential conflict of interest, past or present, must be declared. We use this information to identify threats to impartiality and will not involve individuals in any capacity if they cannot demonstrate there is no conflict of interest.

Prescient Security does not allocate staff or subcontractors to a management system audit if a past relationship exists. In exceptional cases, where there has been no relationship for a minimum of 2 years, the Impartiality Risk Group may consider allowing an individual or subcontractor to participate in a management system audit.

We do not offer commissions or inducements to individuals or companies for client referrals unless specific criteria are established, documented, and demonstrated to ensure no influence on the audit's outcome. Any such payments are well-documented, recorded, traceable, and accompanied by a purchase order and invoice.

Prescient Security provides general training on ISO standards, not specific training for implementing a particular standard for any company. We ensure that our name and branding are not linked to management system consultancy activities in any way.

Our auditors and personnel involved in the certification process are not pressured or influenced to reach specific conclusions about audit results.