← Blog overview

How TrustSpace cut ISMS audit report drafting from 4 hours to 20 minutes with Claude

How TrustSpace cut ISMS audit report drafting from 4 hours to 20 minutes with Claude

At GoTeams, the AI delivery practice of GoGroup GmbH, we build production AI features for our partners. TrustSpace, which helps companies achieve and manage compliance with ISO 27001, TISAX®, and NIS-2 by combining an ISMS platform with expert consulting, came to us with a problem that gets worse as you grow: one core part of their work refused to scale. This is how we solved it together using Claude and what it changed for their consultants and customers.

Why audit reporting doesn’t scale with headcount

Every TrustSpace customer assessment needs two things: audit questions mapped to the relevant framework requirements, and a structured audit report at the end. Both were manual. A consultant would derive questions from the framework controls, work through the assessment, then spend around four hours drafting the report: formatting findings, referencing controls, writing up gaps and recommendations.

The work is essential, but most of it is structured transformation of information that already exists in the completed assessment. That is exactly the kind of task that ties a firm’s most experienced people to document formatting instead of advising customers. It was the bottleneck between “assessment done” and “customer has their report,” and it got worse with every new customer TrustSpace added.

What we built

Working alongside the TrustSpace team, we built two new modules into the TrustSpace platform, powered by Claude via the Anthropic API.

Question Generation

Claude generates audit questions directly from compliance framework requirements, both predefined question sets and questions tailored to a customer’s specific scope. Consultants review and adjust rather than drafting from scratch. The framework controls are the source of truth; the model does the first-pass structuring.

Report Generation

From the completed assessment, Claude produces a structured audit report draft: findings mapped to controls, identified gaps, and recommendations, in our report format, ready for consultant review and finalization.

The design principle we held throughout: the consultant stays in the loop on every report. What changed is where their time goes: review and judgment, not drafting and formatting.

The impact

Both modules have been in production since June 2026, serving TrustSpace’s compliance customers. The results that mattered to them:

  • Drafting time: from 4 hours of consultant time to a structured draft in 20 minutes, reviewed and finalized by the consultant.
  • Consistency: report structure and control referencing are now uniform across every assessment, regardless of which consultant runs it.
  • Where senior time goes: away from boilerplate transformation and back toward customer advice and judgment calls.

“Audit reporting was the part of our work that scaled the worst. Now our consultants spend their time on judgment and customer advice, and the reports are more consistent than ever.”

Masih Sediquian, Founder, TrustSpace

What’s next

This is the first phase. Next, we’re adding retrieval-based querying over customer policy documents, so assessments can draw directly on a customer’s existing documentation, followed by Claude-powered support for customer queries later this year.

The audit question and report generation modules were designed and built by GoTeams, the AI delivery practice of GoGroup GmbH, in partnership with TrustSpace.