Your Pathway to ISO 27001, ISO 42001 & NIS 2 Resilience.

Expert implementation, auditing, and continuous compliance management for critical infrastructure and AI service providers.

Leveraging PECB certified expertise to transform regulatory risk into operational security and ethical AI governance.

PECB ISO 27001 Lead Auditor PECB Certified

ISO/IEC 27001 Lead Auditor

PECB ISO 42001 Lead Implementer PECB Certified

ISO/IEC 42001 Lead Implementer

PECB NIS 2 Directive Implementer PECB Certified

NIS 2 Directive Implementer

Photo of Principal Consultant Frane Karaman

Meet the Principal Consultant: Frane Karaman

mag. ing. el. (UNIZG FER, 1989)  |  PECB ISO 27001 Lead Auditor, ISO 42001 Lead Implementer & NIS 2 Senior Lead Implementer

Our practice is led by Frane Karaman, a consultant with over 30 years of experience in information technology and security. Following 25 years on the New Zealand technology scene at C-level — CISO/CTO roles at Artilect (current), SpeakData, Atlantis Healthcare, Ogilvy New Zealand, and Visible Results — Frane returned to Croatia in 2023 and now leads ISO 27001, ISO 42001 and NIS 2 implementations for clients across Europe and the Pacific. We specialize in translating stringent international standards into lean, operational, and audit-ready management systems.

Core Expertise Areas:

ISMS Design & Audit EU Compliance & NIS 2 AI Governance (AIMS) Risk Architecture AWS Architecture GCP Architecture Supply Chain Security

Specialized Compliance Services

ISO 27001 Certification

Achieve and maintain global standard information security certification.

  • ISMS Design & Implementation: Policy development and risk treatment.
  • Internal Auditing: Pre-certification audits.
  • Continuous Maintenance: Annual surveillance support.

ISO 42001 AIMS Implementation

Establish responsible AI development and deployment.

  • AI Risk Assessment: Fairness, transparency, and accountability.
  • AIMS Development: Annex B controls for AI.
  • EU AI Act Readiness: High-Risk AI compliance framework.

NIS 2 Directive Implementation

Mandatory cyber resilience for Essential/Important Entities.

  • Applicability & Scoping: Legal classification and scope.
  • Technical Measures (T-OMs): Incident handling, access control.
  • Incident Response: Mandatory notification protocols.

INTEGRATED COMPLIANCE: Security, regulation, and AI governance in one system.

Why Choose Code1001 Expertise?

Tri-Certified Authority

High-level credentials across InfoSec (27001), EU Regulation (NIS 2), and AI Governance (42001).

Integrated Risk Management

Streamlined compliance efforts reducing cost and complexity.

Focus on Legal Accountability

Guidance through strict liability elements of NIS 2 and AI legislation.

Operation-First Implementation

Systems built to integrate into your technical operations with minimal disruption.

Research & Innovation Focus

Beyond compliance consulting, Code1001 conducts applied R&D in privacy- and security-critical AI systems. Current focus areas:

  • 01 Memory-safe systems architecture (Rust) for security-sensitive domains
  • 02 Neuro-symbolic AI architectures with deterministic safety constraints
  • 03 Privacy-by-design & zero-knowledge protocols for healthcare AI data protection
  • 04 AI governance frameworks aligned with ISO/IEC 42001 and the EU AI Act
  • 05 Federated learning & differential privacy for distributed clinical data

We work where compliance expertise meets engineering depth — designing AI systems that are auditable, certifiable, and trustworthy by construction.