IT Security

ISO/IEC 27001:2013 (ISO 27001) is the international standard that describes best practice for an ISMS (information security management system). Achieving certification to ISO 27001 demonstrates that your company is following information security best practice, and provides an independent, expert verification that information security is managed in line with best practice and business objectives. ISO 27001 is supported by its code of practice for information security management, ISO/IEC 27002:2013.

We are ISO 27001 certified information security practitioners and Certified Information Systems Auditors (CISA), with other relevant certifications, skills and experience. At a very high level, the process to become compliant is as follows:

  • Identify information assets
  • Create a Statement of Applicability
  • Create a risk register
  • Review and apply risk mitigations
  • Conduct an internal audit
  • Update policies and procedures


Data Protection and GDPR

The Data Protection Act in the UK is being replaced with the General Data Protection Regulation (GDPR) from May 2018. There will now be more requirements for data protection and information security for all organisations that deal with personal data (data from which a living individual can be identified). This link has some details. Please read more on our GDPR guidance page on this website or fill in the GDPR Self-Assessment questionnaire.

We can help with audits, assessments and policy/procedure updates.


Project Management

We can provide advice and support on the full Project Management lifecycle including Business Analysis in the following areas for Procurement and Implementation of IT Systems and services:

  • Market Research
  • Business Requirements Gathering
  • Creating a Business Case
  • Forming a Project team structure
  • Quality assurance
  • Project Planning/Resource scheduling
  • Risk management
  • Change management
  • Project communications
  • Benefits realisation
  • Project Closure