Information risk and security management - strategy, policy and governance; identifying, evaluating and addressing information risks; benchmarking; assurance; business continuity management and resilience.
ISO27k consulting - adapt and adopt the good practices from ISO/IEC 27001; gap analyses; certification support; competent, independent advice.
Security policies - pragmatic policies and procedures plus creative awareness content for staff, managers and professionals.
Security metrics - designing and implementing a suite of metrics to manage information risk and security systematically, effectively and efficiently; reviewing and evaluating existing metrics.
Assurance - IT/ISMS audits & management reviews, data center audits; software development projects audits; cloud supplier assessments/audits ...
Interim management - holding the reins, stabilising the situation and assisting with the recruitment and mentoring of a replacement CISO or ISM.