Public certifications and frameworks
Cetbix is designed to help you meet major regulatory and security‑framework requirements across all products. Our platform and services are built on ISO 27001, GDPR, NIS2, and other standards, with clear documentation and support for your own compliance journey.
Below is an overview of our current certifications and frameworks.
ISO 27001 (certification in progress)
Status: ISO 27001 certification is currently in progress for the Cetbix platform and core services.
Certification body: Bureau Veritas (ISO 27001 accredited certification body)
Expected validity period: Planned certification from 2026, subject to final audit confirmation.
Scope summary:
The scope covers the Cetbix cloud platform and key product services (including ISMS, GRC, and AI‑Regulatory modules), spanning information security policies, risk management, access controls, encryption, and incident response. The ISMS is applied to all data processing, internal systems, and customer‑facing components hosted in our European data centres.
(A copy of the ISO 27001 certificate and Statement of Applicability will be available here once the certification is issued.)
GDPR compliance
Cetbix is committed to providing GDPR‑compliant services for customers who process personal data of EU residents.
- We operate as a data processor and enter into GDPR‑compliant Data Processing Agreements (DPAs) with customers.
- Personal data is stored in European data centres that themselves hold ISO 27001 certifications.
- Data is encrypted at rest and in transit, and we implement technical and organisational measures to support data‑subject rights, breach‑notification obligations, and accountability.
More detail is available in our GDPR Privacy Policy.
NIS2 alignment
Cetbix aligns its security and risk‑management practices with the requirements of the NIS2 Directive for essential and important entities.
- Our unified ISMS, risk‑management process, and incident‑response capabilities are designed to support NIS2‑relevant controls around incident reporting, supply‑chain risk, and resilience.
- We continuously update our platform and controls as NIS2 implementation guidance evolves in Member States.
Customers can use Cetbix controls and evidence to demonstrate alignment with NIS2‑related obligations in their own reporting and audits.
IEC 62443 readiness and support
Cetbix products are designed to support customers pursuing IEC 62443‑aligned security for industrial and OT environments.
- Our Sentinel and ISMS modules provide asset‑inventory, risk‑assessment, and control‑tracking features that map to IEC 62443‑related requirements.
- While IEC 62443 certification applies primarily to the customer’s operational environment, Cetbix helps you document, manage, and evidence compliance‑related controls within the platform.