
ISO/IEC 27001:2022
Formally certified to ISO/IEC 27001:2022 since May 2026. Auditor: A-Mark Ratings Limited, accredited by UAF and IAF. Certificate No. 26052601, valid until 25 May 2029.
At GermanAI Defense, security is not a feature. It's the foundation. Here we show what we hold ourselves accountable to: audited, documented and communicated transparently.
Four standards we hold ourselves to. We are formally certified to ISO 27001. GDPR, NIS 2 and the EU AI Act were assessed as part of our ISO 27001 audit, and here we are compliant. We don't claim anything we can't substantiate.

Formally certified to ISO/IEC 27001:2022 since May 2026. Auditor: A-Mark Ratings Limited, accredited by UAF and IAF. Certificate No. 26052601, valid until 25 May 2029.

Fully GDPR compliant with a documented Record of Processing Activities (Art. 30), a Data Processing Agreement template, technical-organisational measures (TOM) per Art. 32, and a designated Data Protection Officer.

Our own cyber-resilience measures meet NIS 2 requirements: risk management, incident reporting, supply-chain security, business continuity and recurring effectiveness reviews. What we advise others, we live ourselves.

Our AI systems are risk-classified, documented and operated to audit-ready standards. Human oversight, transparency obligations and technical robustness per EU AI Act are built in, assessed during our ISO 27001 audit. Including for client projects.
Need our DPA, want to review a TOM document, or have questions about our ISO 27001 certification? Drop us a line. Typical response within 2 business days.
Email info@germanaidefense.de →
Go deeper: Information Security Policy · Privacy Policy · GRC & Compliance Consulting