Golonex

Security Operations

EDR · MDR · XDR Email Security SOC Monitoring & SIEM Continuous VAPT Security Awareness Training

IT & Governance

Configuration Management Backup & DR / BCP IT & Security Governance IS Audit Readiness Compliance Readiness

Advisory & AI

Fractional Leadership AI Automation Solutions Lab Staff Augmentation Hire with us Our Work Industries About Contact Blog Golonex Press ↗ Golonex Tools ↗ ◆ Golonex Ready Book a Call →
Legal

Code of Conduct

Last updated: June 2026

Golonex sells accountability. That only means something if we hold ourselves to the standards we help our clients meet. This Code sets out how we work.

Honesty about what we are

We never claim certifications or attestations we do not hold. All certification language we use refers to a client’s readiness journey, never to Golonex’s own status. Individual credentials we cite (such as CISM and CISA) are genuinely held by the people who hold them.

Honesty about scope

We deliver readiness and coordinate with the parties who issue formal sign-off — accredited certification bodies, licensed CPA firms, QSAs, and independent auditors. We are clear about what we do and do not provide, and our accountability is bounded and scoped per engagement.

Confidentiality & security

Client information is treated as confidential and protected with appropriate safeguards. We build evidence so that it lives in the client’s infrastructure, under the client’s control.

Integrity & independence

We give advice in the client’s interest, flag conflicts, and decline work where independence is required and we cannot provide it. We do not overpromise outcomes we cannot stand behind.

Contact

Concerns about conduct: [email protected].