Consultancy Services - Governance, Risk and Compliance
We specialise in governance, risk and compliance, and our consultancy services guide and support organizations tackling all GRC areas, including information risk.
Our GRC consultants can help you tackle:
- Best practice IT management (CobiT, ITIL, ISO27001, Prince2, etc)
- Business Continuity, BS25999 and BS25777
- Compliance - IT regulatory compliance
- Codes of Connection, including Connecting to N3
- Data Protection Act (DPA) compliance
- Document Management systems and platforms (Q-Pulse)
- Gap Analysis (to best practice, legal compliance, etc)
- High Performance IT
- Implementing Management Systems - ISO27001 (ISMS), ISO20000, BS25999, Integrated Management Systems (PAS99)
- Information governance
- Information Risk and ISO27001
- IT Governance, and IT Governance frameworks (including CobiT)
- IT Service Management (ITIL, ISO20000)
- PCI Compliance
- Quality Management Systems (ISO9001)
- Regulatory compliance
- Risk assessment and risk management
- Security Plans
- Supplier Audit & Assurance
- tScheme Compliance
Our practical experience in these fields ensures that our leading-edge solutions deliver bottom-line value for money. Email us (or telephone +44 845 070 1750) to talk to someone in our consulting support team now.
ISO27001 Information Risk & Security Consultancy
Our expertise with ISO 27001 (what used to be called BS7799/ISO17799) dates from the very first implementation of an accredited ISMS and virtually guarantees that you will achieve BS7799/ISO27001 certification first time.
Our experienced and practical consultants provide advice and support through all phases of an ISO 27001 project, from pre-planning and board approval through implementation to successful certification.
- We understand how to implement systems designed to conform to sector schemes, such as APACS.
- We also have a fast track implementation process that ensures you get maximum benefit for minimum cost.
Read more about our guaranteed ISO27001 certification service, or contact our friendly, professional ISO27001 Consulting Services Team for more information today.
Our information security consulting services can also cover PCI compliance, Data Protection Act compliance, information security risk assessment and information security governance.
IT Governance Consultancy
Our consultants work with your board, senior executives and functional specialists to help define, develop and implement an IT governance framework that is appropriate for your business. Deploying best practice to align technology infrastructure, IT investment and business goals improves internal effectiveness, ROI and shareholder value. Please contact us for more information or to arrange an initial meeting.
IT Service Management, ITIL and ISO/IEC 20000 Consultancy
As IT Service Management becomes ever more important in organizations today, so the deployment of best practice (e.g. ITIL), or the development of a Management System that can be certified to ISO/IEC 20000, becomes a bigger challenge. The challenge is even greater when management systems have to be integrated to achieve the most cost-effective and efficient corporate structure. Our IT Service Management consulting team is expert at designing and deploying IT Service Management structures, and at integrating them with other management systems, such as ISO/IEC 27001, the information security management standard.
Risk Management Consultancy
In line with Turnbull and Basle, we help formalise and structure your approach to strategic and operational risk. Our approach takes into account the complex competitive, regulatory and environmental factors that affect achievement of your strategic goals. Our work can range from development of a corporate risk log, through risk treatment plans, to risk assessment and review processes. Please contact us for more information or to arrange an initial meeting.
Data Protection, Records Management and Information Governance
The Data Protection Act ('DPA') imposes specific requirements on organizations, but it is not always clear what must be done once the registration form is completed. Our consultants can assess the extent to which you are currently in non-compliance with the DPA and help you plan how to close the gap.
Data retention periods and email management are also increasingly critical areas for today's organizations. Our consultants can help you put together a strategy that will help you comply with the law and meet the various regulations that apply to your business.
Training Services
Our experienced trainers can provide a wide range of in-house training, covering the entire IT governance spectrum, from business continuity to information security and IT governance itself. Please contact us for more information on our in-house training services, or get more information on our public ISO 27001 information security courses.
White Papers
We write White Papers for companies who are looking for expert help to identify how their products or services can be aligned with best-practice information security or IT governance frameworks. "Basically bloody brilliant" is how a recent customer described a White Paper that we developed for them. Here are some White Papers that we have developed for customers recently.
Presentations and seminars
From time to time, Alan Calder does presentations and seminars on specialist information security and IT governance subjects at selected conferences and on webinars. There is information about a small number of these on this page.







