Case studies
Each engagement below is a detailed walkthrough of the gaps we find, the evidence we build and the readiness state we leave behind. The blockers are the ones that appear repeatedly - across brokers, SaaS companies and regulated operators - because the same management-system failures show up everywhere.
A note on these engagements
These are representative engagements - detailed, realistic walkthroughs built from the ISO 27001 failure patterns we see most often, not accounts of specific named clients. Certification is always decided by an accredited certification body; we prepare teams for it and never guarantee the outcome.
A readiness call or Mini Gap Review finds the same blockers these engagements found - before they become findings.
Certification is performed by an accredited certification body through Stage 1 and Stage 2 audits. Kellwick prepares you for that process; it does not perform it and cannot guarantee its outcome.
Kellwick is an independent advisory practice. We are not a certification body and do not issue ISO certifications. Certification decisions are made only by accredited certification bodies.