Impartiality and Inquiries

Thoropass Certification LLC is committed to maintaining independence in fact and perception and to identifying, eliminating, and managing threats to impartiality in all certification activities. Impartiality is fundamental to the credibility of certification and is actively protected throughout our governance, operations, and decision-making.

Threats to impartiality are understood to include relationships or situations arising from ownership, governance, management, personnel, shared resources, financial arrangements, contracts, marketing activities, or other influences that could compromise objectivity.

Impartiality risks are reviewed on an ongoing basis and at least annually for all applicants, certified clients, personnel, and external resources. This review ensures that conflicts of interest and threats to impartiality are identified, evaluated, mitigated, and monitored. Thoropass Certification LLC does not provide management system consultancy or internal audit services to certification clients.

Oversight of impartiality is maintained through ongoing management reviews, internal oversight activities, risk assessments, and governance controls to ensure continued compliance with applicable accreditation requirements.

Certification Decisions

Thoropass Certification LLC operates in accordance with ISO/IEC 17021-1 accreditation requirements. Thoropass Certification LLC maintains documented processes governing certification decisions, including granting, refusing, maintaining, renewing, suspending, restoring, withdrawing certification, and expanding or reducing the scope of certification. Certification decisions are made independently of audit activities and are based solely on objective evidence of conformity.

Granting of Certification

Upon the completion of an initial certification, recertification, or certification transfer audit, a rigorous examination is conducted by an impartial certification decision maker. This review covers the audit file, identified nonconformities, taken corrective actions, and all supporting evidence to confirm adherence to the specified standard. Certification is granted by Thoropass Certification LLC only after all necessary criteria have been fully met.

Refusing of Certification

Where certification requirements are not fully met, Thoropass Certification LLC may be unable to grant certification at that time. This may occur when nonconformities remain unresolved, required corrective actions have not been adequately addressed, or applicable certification criteria are not satisfied within the allowable remediation period.

In such cases, Thoropass Certification LLC will communicate the reasons for the outcome and, where appropriate, outline the steps required for the organization to become eligible for certification. Depending on the circumstances, additional audit activity or a new initial certification audit may be required.

Maintaining Certification

To maintain continuous certification, certified organizations are required to undergo periodic surveillance audits, which are conducted in accordance with ISO/IEC 17021-1. These audits are executed between full certification audits to ensure the ongoing conformity of the management system.

Certification is granted for a defined cycle of three years, commencing from the date of the initial certification decision. Within this cycle, a recertification audit must be successfully completed prior to the certificate's expiration date to confirm sustained conformity and to secure the renewal of certification for the subsequent cycle.

The recertification audit is performed before the conclusion of each three-year certification cycle. Thoropass Certification LLC shall make reasonable endeavors to inform certified organizations in advance of impending recertification requirements.

Should a required surveillance or recertification audit not be finalized within the specified timeframe, the certification may lapse or be revoked in accordance with established certification rules. Thoropass Certification LLC collaborates with clients to facilitate timely planning and continuity of certification.

Suspension of Certification

Thoropass Certification LLC reserves the right to temporarily suspend certification when the requisite certification requirements are not fully satisfied or when the integrity of the certification status must be preserved. Such circumstances may encompass, but are not limited to, unresolved nonconformities, failure to meet contractual or certification obligations, inappropriate utilization of certification references or marks, or the conclusion of formal complaints or investigations.

During the period of suspension, the affected scope of certification is deemed temporarily invalid and is ineligible for transfer. Public certification records shall be updated to accurately reflect the suspended status until the underlying matter is fully resolved.

Suspension is implemented to provide a designated period for the completion and verification of necessary corrective actions. Thoropass Certification LLC shall collaborate with organizations to facilitate a timely resolution. Should the issues leading to the suspension not be rectified within the stipulated timeframe, the certification may be formally withdrawn, and all use of certification claims and marks must immediately cease.

Restoration of Certification

Thoropass Certification LLC shall restore a certification following a suspension, provided that all outstanding issues have been fully resolved and the resolution has been verified through the requisite review or audit activities.

Cancellation of Certification

Thoropass Certification LLC reserves the right to withdraw certification for the following reasons: persistent nonconformities, misrepresentation, failure to complete required audits, misuse of certification, or upon the request of the certified organization.

Expansion of Scope

Certified organizations are eligible to request an expansion of scope via a formal application and subsequent review process. Additional audit activities may be necessitated to verify conformity with the expanded scope before final approval is granted.

Reduction of Scope

A reduction of the certification scope may become necessary if it is determined that the current scope of certification is no longer accurate. Thoropass Certification LLC will deny scope reductions proposed for the purpose of circumventing nonconformities.

Use of Name and Certification Marks

Thoropass Certification LLC, as an accredited certification body, has developed a trademarked logo that signifies our certified clients' adherence to the relevant ISO standards. Thoropass Certification LLC establishes and enforces rules governing the use of its name, certification references, and certification marks to protect the integrity, credibility, and impartiality of certification.

Certified organizations may make reference to their certification status in communication materials such as websites, proposals, marketing materials, and other public or internal communications, provided such references are accurate, not misleading, and consistent with the certified scope.

Making Reference to Certification

When referencing certification, organizations shall:

  • Clearly identify the certified organization.
  • Identify the applicable management system and standard, such as ISO/IEC 27001.
  • Identify Thoropass Certification LLC as the certification body issuing the certificate.
  • Ensure that references apply only to activities, locations, and services included within the certified scope.

Certification references shall not:

  • Imply certification of a product, service, or process.
  • Suggest that certification applies beyond the approved scope.
  • Be presented in a manner that is misleading or could cause confusion.
  • Bring Thoropass Certification LLC, accreditation bodies, or the certification system into disrepute.

Use of Certification Marks

Certification marks provided by Thoropass Certification LLC may be utilized solely:

  • During periods in which the certification remains valid and active.
  • In direct connection with the certified management system.
  • In strict accordance with the approved scope of certification.

Certification marks shall not:

  • Be employed on products, product packaging, or in a manner that suggests or implies product certification.
  • Be altered with respect to their form, color, or proportion.
  • Be transferred or utilized by unauthorized third parties.
  • Be used in a manner that suggests endorsement beyond the scope of management system certification.

Changes to Certification Status

In the event that certification is suspended, withdrawn, or reduced in scope, the organization is required to promptly cease or modify any usage of certification references or marks to accurately reflect the prevailing certification status.

All references to certification and the use of marks must be updated commensurate with any modification to the certified scope.

Monitoring and Enforcement

Thoropass Certification LLC maintains oversight of the deployment of its name, certification references, and certification marks to ensure ongoing adherence to certification regulations and requisite standards.

Inappropriate or deceptive utilization of certification references or marks may necessitate corrective measures and, if warranted, the suspension or revocation of certification in accordance with established certification decision protocols.

Appeals and Complaints for Thoropass Certification LLC

Thoropass Certification LLC follows ISO/IEC 17021-1 and maintains a fair, independent, and confidential process to address appeals and complaints from clients and other interested parties.

What is an appeal?
An appeal is a client’s formal request that Thoropass Certification LLC reconsider its certification decision, which can encompass objections to a cited nonconformity, to an application refusal, or to the assignment of a specific auditor on the case.

What is a complaint?
A complaint is a formal expression of concern by any interested party regarding the certification body’s operations or the activities of a certified organization within its certified scope, including issues of auditor conduct, impartiality, misuse of certificate/mark, or confidentiality.

Appeals and Complaints Submission

Appeals and Complaints can be submitted to Thoropass Certification LLC using the following email alias’s:

The Appeals and Complaints Process

Clients of Thoropass Certification LLC may file an appeal during or after an assessment when they believe a divergence of opinion was not reasonably resolved; upon receipt, we notify the original audit team and appoint an independent individual that did not participate in the assessment to examine the matter, keep the appellant informed of progress, and issue a reasoned written determination at closure. 

For complaints from clients or other interested parties, Thoropass Certification LLC conducts a timely, fair investigation led by personnel independent of the subject of the complaint, provides progress updates, and communicates a written outcome at closure.

To protect confidentiality, client data and sensitive information are not disclosed except where required by law or accreditation rules, and complaints are not made public unless legally mandated.

Information Requests

Requests for information regarding certification activities, accredited scope, or the status of certified organizations may be submitted to Thoropass Certification LLC by contacting iso27001@thoropass.com 

SECTIONS

Get Started

Products

Thoropass AuditCompliance Automation
PentestingThoropass AIAccess ReviewsSecurity QuestionnairesRisk AssessmentTrust CenterIntegrations and APIs

Solutions

Get CompliantMaintain ComplianceIT Security AuditsThoropass vs. Audit FirmsThoropass vs. Vanta

Frameworks

SOC 1SOC 2HIPAAHITRUSTCyber EssentialsGDPRISO 27001ISO 27018ISO 42001CMMC Level 1NIST CSF 2.0PCI DSSOther Frameworks

Resources

Case Studies
BlogGuidesEventsGlossaryHelp Center

Industries

HealthcareSaaSFinTechOther Industries

Company

Our DifferenceMeet the ExpertsNewsroomCareersIndependence and ExcellenceBecome a PartnerTrust CenterContact us

Legal

MSADPAReport an IssueImpartiality and InquiriesTerms and ConditionsPrivacy Policy

Certifications:

Laika Compliance, LLC dba Thoropass Assurance is a licensed certified public accounting firm registered with the American Institute of Certified Public Accountants (AICPA). Thoropass, Inc. dba Thoropass is a leading cybersecurity and compliance professional services and technology firm.

© Copyright 2026 Thoropass, Inc.

Linkedin Logo Streamline Icon: https://streamlinehq.com
X Logo Streamline Icon: https://streamlinehq.com
Video Player 1 Streamline Icon: https://streamlinehq.com