Effective Date: 6 September 2025 | Last Updated: 6 September 2025 | Version: 1.0
1. Purpose
This ISO Alignment Statement explains how Karsaaz EBS aligns its internal operations with international standards for quality management and information security. Our aim is to provide transparency to stakeholders, investors, and partners about our commitment to implementing and maintaining robust management systems. This statement is distinct from our Privacy Policy and Terms of Use.
2. ISO 9001:2015 – Quality Management System (QMS)
Karsaaz EBS has established and maintains a Quality Management System (QMS) that meets the requirements of ISO 9001:2015. ISO 9001:2015 specifies criteria for a quality management system and is based on principles including customer focus, leadership, process approach, and continual improvement. Key components of our QMS include:
Customer and stakeholder focus: Even though Karsaaz EBS does not directly sell products on its corporate site, we are committed to meeting the needs of investors, partners, and regulatory bodies by providing accurate and timely information and support.
Leadership and accountability: Our executive leadership is engaged in setting quality objectives, allocating resources, and ensuring that this policy is communicated throughout the organization.
Process approach: We document and monitor processes for corporate governance, compliance management, and supplier management. Procedures are reviewed periodically to ensure they remain effective and efficient.
Continuous improvement: We evaluate our QMS through internal audits, management reviews, and stakeholder feedback. Opportunities for improvement are recorded and tracked to closure. Lessons learned from product operations (e.g., data breaches, security incidents) are incorporated into corporate procedures.
3. ISO/IEC 27001:2022 – Information Security Management System (ISMS)
Our Information Security Management System is aligned with ISO/IEC 27001:2022 and its annexed control objectives. According to the statement published on our ISO Alignment Statement page, Karsaaz EBS affirms that its security, development, and compliance operations are aligned with the ISO/IEC 27001:2022 framework. Key elements of our ISMS include:
Access management: We implement role‑based access control (RBAC), least‑privilege principles, and multi‑factor authentication for all internal systems. These controls are also reflected in our product policies.
Data handling and classification: Information assets are classified based on sensitivity and treated accordingly. Sensitive corporate data is encrypted both in transit and at rest.
Risk management: We perform regular risk assessments covering information assets, processes, and third‑party providers. Risks are scored, and mitigation plans are tracked.
Employee onboarding and offboarding: New hires receive security training and sign confidentiality agreements. Access rights are promptly revoked upon departure. These practices are documented and audited.
Monitoring and audit logs: Security audit logs are generated and retained in accordance with ISO 27001 control requirements. Logs are reviewed regularly for anomalies.
Continual improvement: We conduct periodic internal audits and plan annual external assessments to measure compliance with ISO 27001. Findings are used to refine policies and controls. Our ISO 27001:2022 certification audit is planned with an accredited auditor and is expected to be completed within the next certification cycle.
4. Documentation and Evidence
Karsaaz EBS maintains formal documentation for its QMS and ISMS. This includes a quality manual, information security policies, standard operating procedures (SOPs), risk registers, and records of audits and management reviews. Documentation demonstrates how our processes align to ISO standards and provides evidence for internal and external auditors. For investor or partner inquiries regarding our ISO alignment, please contact us at compliance@karsaazebs.com.
5. Commitment to Certification
While many of our product teams already operate under ISO‑certified environments, Karsaaz EBS is committed to establishing a fully certifiable QMS and ISMS environment at the group level. The corporate entity holds ISO 9001:2015 and ISO/IEC 27001:2022 certifications for specific services. We continue to expand the scope of these certifications across our subsidiaries and operations. Certification audits are conducted by accredited bodies recognized by the International Accreditation Forum (IAF).