Product
ISO 27001
Industry
Sustainability Technology, Digital Product Passports, Life Cycle Assessment
Engagement Length
10 Months
Location
Manchester, United Kingdom
Outcome
Successful ISO 27001 certification for both entities, with Drata at 100% control compliance
Technovative Solutions Ltd. (TVS) is a UK research-based organization pioneering technology-led solutions for environmental responsibility, with more than thirty EU and UKRI-funded research projects to its name, including the Horizon Europe-funded BASE project.
Its specialist division, DigiProd Pass Ltd., is a leading provider of blockchain-enabled Digital Product Passport solutions across the EU and Asia, helping industries from furniture and textiles to batteries and automotive transition to a circular economy.
With high-profile partnerships including DFS Group and BGMEA, and recognition from the Netty Awards and edie Awards, both companies were ready to formalize their commitment to information security through ISO 27001 certification.
Navigating the Road to ISO 27001 Certification
For TVS and DigiProd Pass, ISO 27001 certification wasn’t about refining existing systems. It was a matter of building from the ground up. The starting point was honest and exposed:
- No ISMS in place. There was no Information Security Management System to refine, only a blank page to begin from.
- No prior knowledge of ISO 27001. The team was unfamiliar with the standard, its clauses and Annex A controls, and what auditors actually look for.
- No prior audit or certification experience. Neither company had been through a certification cycle before, internal or external.
- A commitment gap inside the organisation. Leadership was fully behind the initiative, but the wider team had no exposure to ISO 27001 concepts, terminology, or what would be expected of them day-to-day.
This is the situation many growing technology companies find themselves in: ambitious roadmaps, strong leadership backing, real customer demand for proof of security maturity, but no internal compliance muscle to make it happen. The path from zero to certified is the hardest one to walk alone.
A True End-to-End Partnership
Axipro stepped in as more than a consultant. The team took ownership of the journey from the first scoping call through to the closing audit. The engagement systematically reversed every gap the client started with:
Building the ISMS from scratch. Axipro developed and implemented an ISO 27001-compliant Information Security Management System tailored to the cloud-native, research-driven nature of both businesses, covering scope definition, the Statement of Applicability, risk assessment and treatment, and the full set of Annex A controls with the evidence auditors expect.
Translating ISO 27001 into plain language. Through structured training and awareness sessions, the team moved from never having heard of ISO 27001 to confidently operating within the framework. Employees understood their role in the ISMS, not just that one existed.
Hands-on preparation for first-time auditees. As a first-time certification client, TVS and DigiProd Pass needed coaching, not just documentation. Axipro provided internal audit support, mock interviews, and direct preparation for both the Stage 1 and Stage 2 certification audits.
Driving Drata to 100% compliance. As a Drata Gold Partner, Axipro worked alongside the client to bring every ISO 27001 control inside the platform to full green status, with continuous evidence collection that removed the eleventh-hour scramble that derails so many first-time audits.
Acting as the bridge to leadership. Crucially, Axipro maintained the energy of the engagement at every level: aligning with leadership on strategy, supporting the project manager through the day-to-day, and bringing the wider team along so that ISO 27001 became something the organisation owned, not something done to it.
ISO 27001 Certified
After ten months of focused, collaborative work, both Technovative Solutions Ltd. and DigiProd Pass Ltd. successfully achieved ISO 27001 certification.
Two companies, one certification journey, zero prior experience, and a fully operational ISMS that continues to underpin their work with global partners and regulators.
For DigiProd Pass, certification reinforces its position as a trusted technology partner under increasingly stringent EU sustainability and traceability regulations, where data integrity and supply chain transparency are non-negotiable.
For Technovative Solutions, it strengthens the credibility that has helped secure major research grants and enterprise partnerships. For the team itself, it transformed compliance from an unknown into a confident, repeatable capability.
Hakim Nassim, Project Manager, Technovative Solutions & DigiProd Pass shares:
As we reflect on the past 10 months, I want to take a moment to express my heartfelt gratitude to each and every one of you.
Your dedication, professionalism, and hard work throughout this ISO compliance journey has been truly outstanding.
From the very beginning, Axipro demonstrated an exceptional level of commitment. You understood the job — not just how it should be done, but how it could be done to the very highest standard.
Choosing Axipro as our ISO consultant was, without doubt, one of the best decisions we made.
You were simply brilliant, and I say that from personal experience. As a client, there is nothing more reassuring than having a consultant team of your calibre by your side.
You took us from zero to one hundred, and without your expertise, support, and hard work, achieving this certification would simply not have been possible.
A very special mention goes to Abeera — your contribution has been nothing short of exceptional. You were hardworking, sincere, dedicated, and utterly consistent throughout this entire journey. Quite simply, this certification would not have happened without you, and we are truly and deeply grateful.
And to Dennis — a heartfelt thank you for everything you did behind the scenes, working tirelessly day and night to ensure every detail was in order. Your initiative in bringing Drata to 100% compliance across all controls made all the difference.
A special thank you also to Ali Bhai — your moral support and guidance throughout this journey meant more than words can express. Every time the goal felt out of reach, you were there to remind us that we could do it and push us forward with unwavering belief. We are truly grateful for your encouragement and faith in us.
This achievement belongs to all of you. Thank you for your tireless efforts, your patience, and your unwavering commitment to excellence.
It has been a genuine privilege working alongside such a talented and dedicated team.
Why It Worked
The TVS and DigiProd Pass story illustrates what Axipro does differently. ISO 27001 certification wasn’t outsourced — it was co-owned. The team didn’t just hand over templates; they built awareness, walked the client through every audit interaction, and treated each control in Drata as a real piece of the business, not a checkbox.
That’s the difference between passing an audit and building a security culture that lasts beyond the certificate.
If your organisation is starting at zero, with leadership buy-in but no in-house ISMS expertise, you’re exactly the kind of client Axipro is built to serve.
Start Your Compliance Journey with Axipro Today
Whether you’re racing against a deadline or simply want the clearest path to ISO 27001 certification, Axipro is the partner that delivers—with precision, clarity, automation, and speed. Book a free consultation with Axipro.
