Security and compliance approach

Last updated: 12 May 2026

NewBridge Pathway is a research-led advisory firm in the pre-commercial-engagement stage. This page documents our current security and compliance posture plainly: what exists today, what is not yet in place, and what triggers the next maturity step. We do not maintain a third-party trust portal at this time.

Current posture

NewBridge Pathway is building toward an assurance posture suitable for SOC 2, ISO 27001, or Cyber Essentials Plus when commercial triggers justify it. We do not currently present third-party assurance badges. Our current posture is based on documented operating controls, restricted access, protected source control, controlled evidence handling, incident-response discipline, and engagement-specific data handling. Formal assurance, insurance certificates, and buyer questionnaire responses are handled as part of regulated commercial engagement readiness.

Where we stand today

The summary below names current posture, gaps, and trigger points. Detailed control descriptions, insurance certificates, and buyer-questionnaire responses are provided under non-disclosure at commercial engagement.

How to request more detail

Buyer procurement teams: detailed control descriptions, insurance certificates of currency, sub-processor information, and buyer-questionnaire responses are provided under non-disclosure at commercial engagement. For press, partners, or general inquiries, the contact pathways on the contact page are the correct route.

Related

• Operational resilience – how NewBridge thinks about its own important services, dependencies, and continuity.
• Risk management approach – operational and engagement-specific risk discipline.