"Promoting integrated management systems to continually improvement processes and further individual and business success stories, likewise as auditor, consultant and trainer. "
Martin Holzke obtained a Master’s degree in Physics from a university in Germany in 1990. Since then, he has worked as a freelancer, initially based in Germany (until 2001), followed by Scotland (2001-2014), and now the Canary Islands (since 2014), collaborating with clients worldwide both onsite and remotely. He began his career in software engineering, then transitioned into IT, information security, and eventually to a broad range of integrated management systems. He is also a lifelong advocate of remote work for environmental reasons. As a degree-educated physicist with over 30 years of global experience as a freelance trainer, consultant, auditor, and UKAS assessor for integrated management systems, Martin embraces a generalist approach that merges the best practices from all sectors.
Professional Experience
ISO Expertise: With over 15 years of experience in management system training, consultancy, and auditing, I initially specialized in ISO/IEC 27001 and have since expanded my expertise to include ISO 9001, ISO 14001, ISO/IEC 20000, ISO 22301, ISO/IEC 27701, and more. Additionally, I have experience with related accreditation standards, such as ISO/IEC 17021 and ISO/IEC 27006, and serve as a UKAS technical assessor.
I began my electronics and software engineering career in the mid-1980s, which led me to freelance directly after university in 1991. In the early 2000s, I transitioned into IT security (SOX), followed by information security in the late 2000s. Today, my expertise spans a wide range of integrated management systems, where I work as a trainer, consultant, and auditor.
In 2011, a PECB partner approached me to deliver ISO/IEC 27001 training across Europe, a role I continue to fulfill. Additionally, I have been a technical assessor for the United Kingdom Accreditation Service (UKAS) since 2012, covering various IT-related schemes and evaluating certification bodies and their auditors to ensure competent certification practices. Based in Lanzarote since 2014, I founded ‘ISO in the Sun,’ where he regularly conducts PECB and other training courses.
Martin Holzke's experience in auditing
With the introduction of Sarbanes-Oxley (SOX) following the early 2000s financial reporting scandals, the need for IT security auditing as part of financial audits emerged. Recognizing the rising demand and shortage of qualified IT auditors, I took on my first SOX IT General Controls (ITGC) assignment in 2004, conducting internal audits for a multinational electronics company across Europe. My background in systems development, IT training, and fluency in English and German (which proved valuable in Eastern European countries recently integrated into the EU) led to this opportunity.
Over the years, I have taken on numerous SOX ITGC internal audit assignments, primarily in electronics and telecoms. Some of these expanded into information security based on ISO/IEC 27001 in the late 2000s.
In 2016, through a PECB contact, I took on my first certification projects for MSECB in Germany.
I believe that auditing and certification services significantly benefit clients. The ability to audit a management system for its implementation adds value by not just focusing on the ISO standards’ wording but also understanding their true intention. This broader perspective helps clients implement management systems that benefit the organization, not just pass an audit. I have always avoided clients who pursue certification without seeing the value in a system designed to improve their operations. Clients who embrace continual improvement often appreciate the added value of my audits, actively addressing nonconformities and opportunities for improvement.
Looking ahead, my career has been a journey of continuous growth, and I am excited for the future. There is still much to be done in management systems, and I encourage younger colleagues to join this evolving field. Many industries and regions have yet to start their journey, and we will not run out of work anytime soon. New challenges, such as AI, are constantly emerging, and I plan to expand my expertise to include ISO/IEC 42001 as one of the next areas of focus in my ever-growing professional portfolio.
Martin Holzke's experience with MSECB
I began working with MSECB (formerly part of PECB) in 2016, after several years as a PECB trainer. At that time, a colleague approached me to oversee the certification of a client’s well-integrated management system (IMS) across four ISO standards. Over the years, I have been invited by them to conduct certification audits for different clients.
What sets MSECB apart for me is its ability to turn around projects swiftly—from providing quotations to reviewing audit reports, making decisions, and issuing certificates. Clients frequently highlight this efficiency as a standout feature.
As an auditor, I also value MSECB’s flat organizational structure, which provides easy access to staff for discussing matters such as special client requests, audit approaches, and feedback. This open communication fosters a responsive, pragmatic, yet firm approach to ensuring robust and reliable certifications.
Additionally, MSECB has been an early adopter of remote auditing, ensuring uninterrupted operations during COVID-19 and facilitating hybrid audits that reduce travel effort, expenses, and environmental impact. With many businesses shifting to fully virtual operations, MSECB is well-positioned to serve these clients.
Build endless connections and professional networks by joining our team of over 500 MSECB Auditors.
We welcome you on board!