The trust signal that turns website visitors into signed contracts.

A public badge customers display to show they run their governance programme on ISO-STANDARD.app — and a plain explanation of what the badge does, and does not, mean. Because a badge that says 'we take security seriously' means nothing. A badge that links to live evidence means the deal.

Michael McCarroll 4 min read Updated June 2026

What the badge means

Customers of ISO-STANDARD.app can embed a small trust badge on their own website. The badge indicates that the site owner runs their risk register, controls catalogue, policies, audit evidence and improvement programme inside an ISO-STANDARD.app workspace. It reflects active use of a governance, risk and compliance (GRC) platform — a positive signal that the organisation is investing in structured compliance work.

What the badge does not mean

The badge is a self-attestation by the site owner. ISO-STANDARD.app does not independently audit the site owner's controls, does not issue certifications, and does not verify individual claims made on the badge (for example, the standard shown on the label). Formal certification to ISO 27001, ISO 42001, SOC 2 or equivalent is issued by accredited certification bodies after an independent audit — the badge is not a substitute for that certificate.

If you need audit-grade assurance for a supplier or partner relationship, ask the badge owner for their certificate of registration, their Statement of Applicability, or the equivalent evidence for their standard. Any ISO-STANDARD.app customer can export these from their workspace on request.

How the badge protects the visitor

The badge is a small, self-contained script served fromiso-standard.app/badge/embed.js. It does not set cookies, does not fingerprint visitors, does not send any personal data back to ISO-STANDARD.app, and cannot execute code from the host page. When a visitor clicks it, it opens this page in a new tab.

Interested in the platform behind the badge?

ISO-STANDARD.app is a modern GRC platform for ISO 27001, ISO 42001, ISO 9001, ISO 20000-1, Cyber Essentials, SOC 2 and related standards. You can start a free workspace and generate your own badge in a few minutes.

Trust & security
ISO 27001 aligned
Controls mapped to Annex A
Encryption in transit & at rest
TLS 1.3 · AES-256
MFA enforced
TOTP required for all admins
GDPR & UK GDPR
DPA on request · EU/UK data
SOC 2 ready posture
Audit-grade logging
RLS-isolated tenants
Row-level data separation
← All guidesHome →