About IISRI®


The Independent Information Security and Privacy Rating Institute IISRI® was founded
because Security and Privacy certifications alone, like ISO27001, PCI DSS, or SOC2, do not
provide insight into how well organizations are protecting data. They are issued after passing a minimum threshold. Ratings of the security and privacy certifications on the other hand, allow customers to see to what extent an organization has put controls. 

You can read more about ratings here.


​We aim to provide all service providers with public security and privacy ratings. This
higher transparency will encourage certified service providers to safeguard
valuable customer data constantly. Establishing trust with the consuming their services.

Who we  are

​IISRI® has been providing security and privacy services since 2016 and is now the leading
provider of information Security and Privacy certifications with Ratings. Our global team
comprises of regional and sector experts from the industry and researchers from universities
with qualified auditors for, among others, ISO27001, ISO27701, GDPR, PCI DSS, SOC 2 and
NIST. Our headquarter is in New Zealand (Auckland) with branches in Netherlands, Poland
and Indonesia.

What we do

​In short, we audit, rate and certify security and privacy of service providers.
The certifications and ratings are then published on our online public register for customers
and partners to view. The ratings are standardised and enable service providers to
benchmark themselves among other providers.