Trustgent
Market map · Vendor & third-party risk

The verified Vendor & third-party risk landscape.

Every AI builder with a verified Vendor & third-party risk delivery record, worldwide — cross-referenced (L2) or higher. Ranked on earned proof, never paid placement.

214 verified builders qualify for this map — every one cross-referenced (L2) or higher. Order is earned: highest verification level first, ties broken by most-recent verification. A free-plan L5 provider always outranks a paid-plan L1; plan tier is never a ranking input.

Most recent verification on this map: 2026-07-07. This is a live view — the ranking updates as builders re-verify.

Choosing an AI builder? Don’t stop at the demo. Trustgent’s six-level verification scale(L0–L5) tells you how much of a provider’s claim is independently corroborated, and how ranking works explains why proof — not spend — sets the order. Work through the questions to ask a partner and the evaluation scorecard, then request verified quotes from the builders on this map.

Verified builders on this map

ITLawCo

Cape Town, South Africa

Boutique AI, data and technology governance practice

EU AI Act confor…GDPR & DPO serviceVendor & third-p…
records
1
team
2-10
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

NEWORDER

Pretoria, South Africa

Offensive-security firm running PCI DSS v4.0 gap assessments mapped to POPIA and ISO 27001.

PCI DSS assessmentISO 27001 certif…Vendor & third-p…
records
1
team
10-50
founded
2009

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

PwC Norway

Oslo, Norway

Big-4 Norwegian cyber risk advisory practice

PCI DSS assessmentISO 27001 certif…SOC 2 audit & at…+2 more
records
1
team
200+
founded
1998

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Magix Security

Johannesburg, South Africa

PCI ASV-certified scanning plus end-to-end PCI DSS readiness, gap analysis and remediation.

PCI DSS assessmentISO 27001 certif…Vendor & third-p…
records
1
team
10-50
founded
2003

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

PharmaLex GmbH

Friedrichsdorf, Germany

Specialist services for pharma, biotech, and medical device companies

HIPAA complianceGDPR & DPO serviceISO 27001 certif…+1 more
records
1
team
200+
founded
1998

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

PwC Austria

Vienna, Austria

Vienna-based risk assurance and cyber practice

PCI DSS assessmentISO 27001 certif…SOC 2 audit & at…+2 more
records
1
team
200+
founded
1957

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Seralys

Luxembourg, Luxembourg

Boutique Luxembourg information security advisory and pentest firm.

PCI DSS assessmentISO 27001 certif…Vendor & third-p…
records
1
team
2-10
founded
2012

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Lexagone

Paris, France

Senior-lawyer data-protection firm with a healthcare DPO practice

HIPAA complianceGDPR & DPO serviceEU AI Act confor…+1 more
records
1
team
10-50
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Fasoo

Seoul, South Korea

Data-centric security consulting with a healthcare/HIPAA practice

HIPAA complianceGDPR & DPO serviceVendor & third-p…
records
1
team
200+
founded
2000

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

MyData-TRUST

Mons, Belgium

Life-sciences-only privacy and data-protection consultancy with in-house DPOs

HIPAA complianceGDPR & DPO serviceVendor & third-p…
records
1
team
50-200
founded
2017

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Bloka

Buenos Aires, Argentina

Argentine MSSP dedicated to the healthcare sector.

HIPAA complianceISO 27001 certif…Vendor & third-p…
records
1
team
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

EYECOON

Vienna, Austria

Data protection consulting and IAPP training

HIPAA complianceGDPR & DPO serviceISO 27001 certif…+1 more
records
1
team
10-50
founded
2008

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

SEC4YOU

Stockerau, Austria

IT audits and information-security consulting

HIPAA complianceISO 27001 certif…GDPR & DPO service+1 more
records
1
team
10-50
founded
2005

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Root-Secure

Buenos Aires, Argentina

Buenos Aires information-security consultancy running risk analyses and ISO 27000 programs.

HIPAA complianceISO 27001 certif…Vendor & third-p…
records
1
team
10-50
founded
2007

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Ejabi InfoSec

Dubai, United Arab Emirates

Dubai-registered PCI QSA, CPSA, and SWIFT CSP assessor

PCI DSS assessmentISO 27001 certif…Vendor & third-p…
records
1
team
10-50
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Blackfoot

London, United Kingdom

London-based cybersecurity assurance business with a QSA practice.

PCI DSS assessmentISO 27001 certif…Vendor & third-p…
records
1
team
10-50
founded
2008

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

BDO Norge

Oslo, Norway

Norwegian audit firm delivering PCI DSS advisory as part of the BDO network

PCI DSS assessmentISO 27001 certif…SOC 2 audit & at…+2 more
records
1
team
200+
founded
1971

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

BDO Argentina

Buenos Aires, Argentina

Argentine member firm of the BDO network with a Buenos Aires cyber and IT-audit practice.

PCI DSS assessmentISO 27001 certif…SOC 2 audit & at…+1 more
records
1
team
200+
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Baker Tilly Argentina

Buenos Aires, Argentina

Cybersecurity, GRC and compliance assurance from the Argentine Baker Tilly member firm.

HIPAA complianceISO 27001 certif…PCI DSS assessment+2 more
records
1
team
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

AVeS Cyber Security

Johannesburg, South Africa

IT governance and security-compliance consultancy running PCI, ISO 27001 and POPIA engagements.

PCI DSS assessmentISO 27001 certif…GDPR & DPO service+1 more
records
1
team
10-50
founded
1998

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Arcondis

Allschwil, Switzerland

Life sciences and healthcare compliance and managed services

HIPAA complianceISO 27001 certif…Vendor & third-p…
records
1
team
200+
founded
2001

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Alt Gr SA

Chiasso, Switzerland

Ticino IT security firm with PCI DSS remediation practice.

PCI DSS assessmentVendor & third-p…
records
1
team
10-50
founded
2012

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

AlfaNordic

Herlev, Denmark

GxP validation and life sciences quality consultancy, part of the NIRAS group

HIPAA complianceGDPR & DPO serviceVendor & third-p…
records
1
team
50-200
founded
2008

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

ADL Consulting

Ibstock, United Kingdom

Specialist ISO 27001 consultancy with certified auditors

ISO 27001 certif…GDPR & DPO serviceVendor & third-p…
records
1
team
1-10
founded
2008

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

RSM US

Chicago, United States

Fifth-largest US CPA and advisory firm

SOC 2 audit & at…ISO 27001 certif…HIPAA compliance+2 more
records
1
team
18000+
founded
1926

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

RSM Canada

Toronto, Canada

The middle-market advocate for AI governance

EU AI Act confor…ISO 42001 AI man…ISO 27001 certif…+2 more
records
1
team
1000+
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

RSI Security

San Diego, United States

The nation's premier compliance and cybersecurity provider

HIPAA complianceSOC 2 audit & at…ISO 27001 certif…+3 more
records
1
team
51-200
founded
2013

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

risk3sixty

Roswell, United States

Atlanta advisor pursuing CB status for ISO 27001 and 42001.

ISO 42001 AI man…ISO 27001 certif…SOC 2 audit & at…+2 more
records
1
team
50-200
founded
2016

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

RICHT

New York, United States

Law That Knows Business - clarity and value in privacy, marketing, and technology

GDPR & DPO serviceVendor & third-p…
records
1
team
1-10
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Richter LLP

Montreal, Canada

Payment Card Industry (PCI) Advisory Services

PCI DSS assessmentSOC 2 audit & at…ISO 27001 certif…+1 more
records
1
team
201-1000
founded
1926

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Rezilens

Dubai, United Arab Emirates

AI governance and GRC advisory from Business Bay

EU AI Act confor…ISO 27001 certif…ISO 42001 AI man…+1 more
records
1
team
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Redspin

Carpinteria, United States

CMMC C3PAO and cybersecurity assessment firm

HIPAA complianceSOC 2 audit & at…Vendor & third-p…
records
1
team
50-100
founded
2000

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

PwC Luxembourg

Luxembourg, Luxembourg

Big Four Luxembourg practice with an AI governance and EU AI Act service line

ISO 42001 AI man…EU AI Act confor…GDPR & DPO service+2 more
records
1
team
200+
founded
1961

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

PwC Canada

Toronto, Canada

AI Trust practice and ISO 42001 certification

EU AI Act confor…ISO 42001 AI man…ISO 27001 certif…+3 more
records
1
team
200+
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Prudence AI

Montreal, Canada

A Unique Multidisciplinary Law Firm Focusing on the Responsible Use of AI Technology

EU AI Act confor…GDPR & DPO serviceVendor & third-p…
records
1
team
1-10
founded
2019

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Provadys

Boulogne-Billancourt, France

Cabinet independant d'audit et de conseil en securite

PCI DSS assessmentISO 27001 certif…GDPR & DPO service+1 more
records
1
team
11-50
founded
2006

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Protiviti

Menlo Park, United States

Face the Future with Confidence

Vendor & third-p…SOC 2 audit & at…ISO 27001 certif…+2 more
records
1
team
1000+
founded
2002

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Optiv

Denver, United States

Secure greatness.

Vendor & third-p…SOC 2 audit & at…PCI DSS assessment+1 more
records
1
team
1000+
founded
2015

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

nFlo

Warsaw, Poland

ISO 27001, NIS2 and DORA compliance combined with penetration testing and a 24/7 SOC

ISO 27001 certif…Vendor & third-p…
records
1
team
40-60
founded
2015

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Neverhack

Paris, France

AI-native sovereign cyber group built from French cyber roll-ups

ISO 27001 certif…GDPR & DPO serviceVendor & third-p…
records
1
team
501-1000
founded
2022

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Netsystem

Gardanne, France

Cabinet d'expertise en transformation digitale et cybersecurite

ISO 27001 certif…GDPR & DPO serviceVendor & third-p…
records
1
team
11-50
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

NCC Group

Manchester, United Kingdom

Protect patient data, simplify regulatory compliance, and reduce risk.

HIPAA complianceISO 27001 certif…SOC 2 audit & at…+2 more
records
1
team
1000+
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

MNP LLP

Calgary, Canada

Wherever business takes you

PCI DSS assessmentSOC 2 audit & at…ISO 27001 certif…+1 more
records
1
team
1000+
founded
1958

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

LBMC

Brentwood, United States

Achieve HIPAA compliance without stifling business growth

HIPAA complianceSOC 2 audit & at…ISO 27001 certif…+2 more
records
1
team
1000+
founded
1984

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

KPMG US

New York, United States

AI Trust services and governance

EU AI Act confor…ISO 42001 AI man…SOC 2 audit & at…+1 more
records
1
team
200+
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

IS Partners

Dresher, United States

Keep your healthcare business secure and compliant

HIPAA complianceSOC 2 audit & at…ISO 27001 certif…+3 more
records
1
team
51-200
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

InfoSec Advisory

Tokyo, Japan

Tokyo advisory guiding enterprises through ISO/IEC 42001 gap analysis to certification.

ISO 42001 AI man…ISO 27001 certif…Vendor & third-p…
records
1
team
50-200
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

GoTrust

Amsterdam, Netherlands

Amsterdam privacy firm packaging ISO 42001 with GDPR and EU AI Act workflows

ISO 42001 AI man…GDPR & DPO serviceEU AI Act confor…+1 more
records
1
team
10-50
founded
0

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Eraneos

Zurich, Switzerland

Strategy, transformation, and technology consulting

EU AI Act confor…ISO 42001 AI man…Vendor & third-p…
records
1
team
200+
founded
1986

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Digitemis

Nantes, France

Audit et conseil en cybersécurité, conformité et privacy

Vendor & third-p…ISO 27001 certif…GDPR & DPO service
records
1
team
51-200
founded
2013

Verified at L2 · unclaimed. Claim it free to respond to buyers and climb to a client-verified rating. Claim it free →

Showing the top 100 by earned verification. See all Vendor & third-party risk providers for the full ranked slate.

Share this market map.

A ranked snapshot that stays current as builders re-verify. Post it to LinkedIn, download the image, or copy the link.

On this map? Claim your listing.

If you’re one of these builders, claim your listing free to respond to buyers, embed your verified badge, and climb the verification scale. Ranking stays earned — claiming never buys position.

Claim it free

This is the shareable market map. For the full, indexed directory see all Vendor & third-party risk providers