Turning compliance requirements into ways to improve a Business

Helping companies manage compliance requirements and security risks – cyber, electronic and paper records, people, process, data protection legislation, physical access and business continuity –  in a way that delivers tangible business benefits and avoids issues that lead to financial loss and reputational damage | ISO27001 | GDPR

Details on five ways we can help YOUR business >>

Protect your Information, Protect your Reputation

Manage Security Risks

Manage security risks

We help you manage all types of security risks; people, cyber, physical access, process and business continuity.

Get ready for GDPR

Data Protection/GDPR 

We strip away the fear and myths to explain what is required to meet the GDPR and Data Protection Act 2018 requirements. And we can talk to you about Marketing (PECR) as well

Answering Information and Cyber Security questions

Dependable Advice

We will answer any questions you have about Information and Cyber Security and ISO27001.

We don’t do IT. We don’t sell products.
We give honest and practical advice on best practice to manage all the security risks to your business, and help you develop and implement programmes to integrate security and good data governance into your culture so you avoid data breaches and compliance issues that lead to financial loss and reputational damage.

View All Features

Our Blog

If you give an App access to your emails (and other data) it should come as no surprise that they use the access. And sometimes that could mean humans reading emails contents, and possibly not for the expected reason.  Here are ways to check who has access to your data in Google and Microsoft.com and… Read More

Continue Reading

IAPP has published details about the number of complaints received by different data protection authorities (DPAs) in the first month after the GDPR started to be enforced. It isn’t a full picture as there are no details from Croatia, Cyprus, Finland, Germany, Greece, Hungary, Italy, Latvia, Lithuania, Luxembourg, Poland, Portugal and Spain. The accuracy and consistency of… Read More

Continue Reading

ISO27001 is the international standard for Information Security, and there are several reasons for deciding that certification is a business requirement. For some companies, it becomes a requirement to get shortlisted for new work. For others, it can be a way for management to ensure good security practices are in places as they grow or… Read More

Continue Reading

A discussion about security measures with an SME I have been working with highlighted the need to provide some tips on how to protect files. They wanted to add passwords but were not sure of the best way to do this. So here is the way to do it in MS Office applications for Office365.… Read More

Continue Reading

One of the early stages to prepare for the General Data Protection Regulation (GDPR) is identifying the Personal Data you process; this blog provides a framework to build a Personal Data Inventory. An inventory is not a requirement of the GDPR, but it is a good way to build up a picture of the personal… Read More

Continue Reading

Legitimate interests (LI) is one of the lawful basis for processing personal data. The ICO say it is appropriate “where you use people’s data in ways they would reasonably expect and which have a minimal privacy impact, or where there is a compelling justification for the processing”. The three parts to the test to identify a LI have been… Read More

Continue Reading
View Blog