Turning compliance requirements into ways to improve a Business

#ISO27001 | #GDPR | Helping companies manage compliance requirements and security risks – cyber, electronic and paper records, people, process, data protection legislation, physical access and business continuity –  in a way that delivers tangible business benefits and avoids issues that lead to financial loss and reputational damage

Details on five ways we can help YOUR business >>

Protect your Information, Protect your Reputation

Manage Security Risks

Manage security risks

We help you manage all types of security risks; people, cyber, physical access, process and business continuity.

Get ready for GDPR

Data Protection/GDPR 

We strip away the fear and myths to explain what is required to meet the GDPR and Data Protection Act 2018 requirements. And we can talk to you about Marketing (PECR) as well

Answering Information and Cyber Security questions

Dependable Advice

We will answer any questions you have about Information and Cyber Security and ISO27001.

We don’t do IT. We don’t sell products.
We give honest and practical advice on best practice to manage all the security risks to your business, and help you develop and implement programmes to integrate security and good data governance into your culture so you avoid data breaches and compliance issues that lead to financial loss and reputational damage.

View All Features

Our Blog

The majority of offices use CCTV as part of their security measures to protect the perimeter of buildings and/or to monitor restricted areas. There is nothing wrong in doing this providing a legal basis for processing the personal data (images) is established,  you tell people what it is used for and meet any requirements laid… Read More

Continue Reading

Ditto AI Limited is an Explainable AI (XAI) company, that serves regulated, safety critical sectors that require accountability and transparency in their AI solutions. The security and integrity of information is seen as critically important to their business. With a target market of regulated industries, getting the ISO27001 certification made perfect sense both technically and… Read More

Continue Reading

Phishing emails – you get them, I get them and those pesky cyber criminals continue to evolve the format to try and get people to click links or download files that contain malware. The majority are easy to identify from the content.  Messages from banks you don’t use and links to invoices from companies you… Read More

Continue Reading

The GDPR refers to large scale processing several times. Questions about what is meant by this come up on a regular basis. We have produced a short video with details on factors to consider, examples of large scale processing and examples of what isn’t large scale processing. Get in touch if you need help with… Read More

Continue Reading

This blog was written after recently working with different companies on their Information Security Management Systems (ISMSs).  The ISO27000 standard – the Overview and vocabulary part of the ISO27nnn series – defines an ISMS as consisting of “policies, procedures, guidelines, and associated resources and activities, collectively managed by an organization, in the pursuit of protecting its… Read More

Continue Reading

Meeting the General Data Protection Regulation (GDPR) requirements isn’t a one-off ‘set and forget’ activity. Ongoing work is needed to ensure the requirements continue to met, this is covered by the Accountability principle in Article 5. It states that the controller “shall be responsible for, and be able to demonstrate compliance with, paragraph 1”; and… Read More

Continue Reading
View Blog