Secure Any Tender With Confidence With ISO 27001 Certification in Just 6 Weeks, Guaranteed.

Terms & Conditions

Introduc)on

1.1 These Terms & Conditions ("Agreement") govern the provision of services by The ISO Council Pty Ltd ("Consultant") to the client ("Client"). By engaging the Consultant's services, the Client agrees to be bound by these terms.

2.1 "Consultant" refers to The ISO Council Pty Ltd.

2.2 "Client" refers to the entity engaging the Consultant's services.

2.3 "Services" refer to the consultancy services provided by the Consultant as detailed in this Agreement.

2.4 "ISMS" refers to the Information Security Management System.

Services Provided

3.1 The Consultant will provide a comprehensive approach to achieving ISO 27001 certiFication, including but not limited to:

3.1.1 Assessment and Planning: A thorough assessment of the current information security posture and planning the roadmap to ISO 27001 certiFication.

3.1.2 Gap Analysis: Identifying gaps between current security measures and ISO 27001 requirements.

3.1.3 Risk Assessment: Evaluating potential security risks and determining necessary controls.

3.1.4 ISMS Development: Developing a customized ISMS aligned with business objectives and ISO 27001 standards.

3.1.5 Implementation of Controls: Assisting with implementing controls as per Annex A of ISO 27001.

3.1.6 Statement of Applicability (SOA): Documenting SOA controls and ensuring compliance with ISO 27001 requirements.

3.1.7 Internal Audit: Conducting internal audits to ensure effectiveness and compliance of implemented controls.

3.1.8 Management Review: Facilitating management review meetings to review ISMS performance.

3.1.9 Audit Evidence Preparation: Preparing documentation and evidence for certiFication audits.

3.1.10 Training and Awareness: Providing comprehensive training and awareness sessions for staff (upon request and subject to fee quotation).

3.1.11 CertiFication Audit: Supporting Client during the certiFication audit process.

Client Obliga)ons

4.1 The Client agrees to:

4.1.1 Strictly adhere to the Consultant's advice and instructions.

4.1.2 Be prompt and responsive to the Consultant's requests for information and documentation.

4.1.3 Provide necessary and accurate information and documentation within the speciFied timeframe.

4.1.4 Ensure availability of key personnel as needed for the consultancy process.

4.1.5 Facilitate access to relevant systems, records, and premises required for the Consultant to perform the Services.

4.1.6 Cooperate fully with the Consultant to facilitate the timely and effective completion of services.

4.1.7 Immediately notify the Consultant of any signiFicant changes to their organization or circumstances that may impact the consultancy.

Fees and Payment Terms

5.1 Payment via Escrow: The full payment shall be made into an Escrow account and released upon passing the Stage 2 audit with auditor conFirmation, but prior to the issuance of the actual certiFication. The certiFication process is estimated to take around 8 weeks, subject to factors such as scheduling of audits and availability of parties.

5.2 Cancellation: If the Customer cancels the engagement during the process, the following forfeiture conditions apply:

5.2.1 After engagement but before ISMS handover: The Customer forfeits 20% of the total amount in Escrow.

5.2.2 After ISMS handover: The Customer forfeits 50% of the total amount in

Escrow. 5.2.3 After Stage 1: The Customer forfeits 75% of the total amount in

Escrow. 5.2.4 After Stage 2: The Customer forfeits 100% of the total amount in

Escrow.

5.2.5 If the Consultant cancels the engagement, the Consultant forfeits the entire amount of money in Escrow.

5.3 Stage Payments: Alternatively, payments can be made directly to the Consultant in stages:

5.3.1 First payment upon handover of ISMS, Statement of Applicability, Internal Audit, and Management Review.

5.3.2 Second payment upon passing Stage 1 audit after conFirmation from the auditor or certiFication body.

5.3.3 Third payment upon passing Stage 2 audit, but prior to the issuance of the actual certiFicate.

Confidentiality

6.1 Both parties agree to maintain the conFidentiality of all proprietary and conFidential information disclosed during the course of the engagement.

6.2 ConFidential information shall not be disclosed to any third party without the prior written consent of the disclosing party.

6.3 This conFidentiality obligation shall survive the termination of this Agreement.

Intellectual Property

7.1 The Client shall retain ownership of all deliverables and any intellectual property created during the consultancy.

7.2 If the engagement is canceled and the money from Escrow is not released, the Consultant retains intellectual property rights, including the ISMS.

T&C Rev 1.0 Effective 01 July 2023

7.3 The Consultant shall not use the Client’s intellectual property for any purpose other than to provide the Services.

Limita)on of Liability

8.1 The liability of The ISO Council Pty Ltd. shall not exceed the total fees paid by the Client under this Agreement.

8.2 The ISO Council Pty Ltd. shall not be liable for any indirect, consequential, or incidental damages, including but not limited to loss of proFits, revenue, or data.

8.3 The ISO Council Pty Ltd. shall not be liable for any losses resulting from third-party actions, unforeseen circumstances, or the Client's failure to follow advice.

Indemnity

9.1 The Client shall indemnify and hold harmless The ISO Council Pty Ltd. from any and all claims, damages, liabilities, costs, and expenses arising out of or related to:

9.1.1 The Client's use of the Consultant's services.

9.1.2 The Client's failure to comply with applicable laws and regulations.

9.1.3 Any breach of this Agreement by the Client.

Termina)on

10.1 Either party may terminate this Agreement with one week's written notice.

10.2 Upon termination, the Client shall pay for all Services rendered up to the date of termination.

10.3 The Consultant shall return all Client materials and conFidential information upon termination.

Force Majeure

11.1 Neither party shall be liable for any delay or failure to perform its obligations due to causes beyond its reasonable control, including but not limited to acts of God, war, terrorism, strikes, or governmental regulations.

Governing Law

12.1 This Agreement shall be governed by and construed in accordance with the laws of New South Wales, Australia.

T&C Rev 1.0 Effective 01 July 2023

Dispute Resolu)on

13.1 Any disputes arising under this Agreement shall First be resolved through mediation.

13.2 If mediation fails, the parties agree to submit to the exclusive jurisdiction of the courts of New South Wales, Australia.

Miscellaneous Provisions

14.1 This Agreement constitutes the entire agreement between the parties and supersedes all prior agreements and understandings.

14.2 Any amendments to this Agreement must be in writing and signed by both parties.

14.3 If any provision of this Agreement is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.

Money-Back Guarantee

15.1 Eligibility for Money-Back Guarantee: The Consultant offers a 100% money-back guarantee on the consultancy fees paid by the Client if the Client fails to achieve ISO 27001 certiFication on the First attempt, subject to the conditions outlined in this section.

15.2 Conditions for Guarantee: The money-back guarantee is conditional upon the following criteria being fully met by the Client:

15.2.1 Compliance with Consultant’s Instructions: The Client must strictly adhere to all advice, recommendations, and instructions provided by the Consultant throughout the consultancy process.

15.2.2 Timely Provision of Information: The Client must provide all necessary documentation, access to relevant personnel, and any other information requested by the Consultant promptly and within the speciFied timeframes.

15.2.3 No Material Changes: There must be no signiFicant changes to the Client’s Information Security Management System (ISMS), organizational structure, or key personnel that could negatively impact the certiFication process during the period of the consultancy and audit

15.2.4 Full Payment of Fees: The Client must have paid all consultancy fees in full, as per the terms set out in this Agreement, before the certiFication audit is conducted.

15.2.5 Pre-CertiFication Internal Audit: The Client must permit the Consultant to conduct a thorough internal audit prior to the certiFication audit, and all identiFied non-conformities must be addressed by the Client within the agreed timelines.

T&C Rev 1.0 Effective 01 July 2023

15.3 Exclusions from Guarantee: The money-back guarantee does not apply under the following circumstances:

15.3.1 Client’s Failure to Act: If the Client fails to implement the corrective actions suggested by the Consultant following the internal audit.

15.3.2 External Factors: If the failure to achieve certiFication is due to factors beyond the Consultant’s control, including but not limited to changes in regulatory requirements, third party auditor errors, or force majeure events.

15.3.3 Subsequent CertiFication Attempts: The guarantee is only applicable for the First certiFication attempt. Any subsequent attempts are not covered by this money-back guarantee.

15.4 Process for Refund: In the event that the Client is eligible for a refund under the terms of this money-back guarantee:

15.4.1 The Client must submit a written request for a refund within thirty (30) days of receiving the Final certiFication decision.

15.4.2 The Consultant will review the request and determine if all conditions have been met within thirty (30) days of receipt.

15.4.3 If the refund is approved, the Consultant will refund 100% of the consultancy fees paid by the Client within forty-Five (45) days from the date of approval.

15.5 Limitation: The money-back guarantee is limited to the refund of consultancy fees paid by the Client. It does not cover any other costs, expenses, or damages that the Client may incur in relation to the certiFication process.

T&C Rev 1.0 Effective 01 July 2023