IsecT’s professional services

All our services are custom-designed to suit client requirements. The following examples illustrate the kinds of activities we have performed previously, and we’re always keen to take on new challenges:

  • Arbitration - independent, unbiased expert assistance to review, understand, challenge and respond appropriately to IT audit reports, nonconformities, supplier assessments etc. (this is NOT legal advice!).
     
  • Audit and assurance such as: security strategy reviews; data centre & site/installation audits; software development projects audits; cloud supplier assessments/audits; ISO27001 pre-certification audits (readiness checks, gap analyses) ...
     
  • Service introduced March 2023 Change - being a credible, independent, convincing agent of change, helping clients create and exploit business opportunities to change-for-the-better, developing pragmatic strategies and plans, promoting and guiding execution, measuring success.
     
  • Service announced April 2023 CISO coaching and mentoring - a knowledgeable, trusted friend lending you an ear and offering expert guidance based on decades of experience.
     
  • Information risk and security management - strategy, policy and governance; identifying, evaluating and addressing information risks; benchmarking; assurance; business continuity management and resilience.
     
  • Information risk assessment - assistance to identify, evaluate, prioritise and decide how to address information risks.
     
  • Service introduced May 2023 Information security controls assessment - tell us which standards, requirements or guidance you’d like to be reviewed or audited against - Cyber Essentials, perhaps, or ISO/IEC 27701, PCI DSS, HIPAA or CSA or your own internal standards?
     
  • IT installation review - check your physical security arrangements, essential supplies, data centre access and so forth.
     
  • Interim management - holding the reins, stabilising the situation and assisting with the recruitment and settling-in of a replacement CISO or ISM.
     
  • ISO27k consulting - achieve and maintain ISO/IEC 27001 certification with our expert guidance, from initial planning through implementation support, ISMS management reviews and internal audits, leading to continuous improvement and maturity.
     
  • Service introduced March 2023 ISO27k support tools - help to determine your requirements, then survey the market,  evaluate, select and negotiate prices for the most appropriate tools/systems* for your organisation.
     
  • Policies and procedures - preparing pragmatic policies and procedures plus creative awareness and training content for staff, managers and professionals.
     
  • Post-incident reviews - dispassionately, competently and independently drawing out and evaluating relevant details, developing and elaborating on responses, providing forward-thinking management reports and initiating improvement activities.
     
  • Service introduced May 2023 Privacy impact assessments - need some help to review your privacy requirements and controls, dispassionately?  Call us!
     
  • Service introduced March 2023 Resilience engineering - establishing requirements, reviewing current capabilities, planning improvements and demonstrating genuine progress in areas such as resilient technology, people and infrastructure, plus the broader business and strategy aspects.
     
  • Security maturity - benchmarking i.e. reviewing an organisation’s information risk and security situation relative to good practices in the field, recommending and justifying improvements where appropriate.
     
  • Security metrics - designing and implementing a suite of metrics to manage information risk and security systematically, effectively and efficiently; auditing, reviewing, evaluating and improving existing metrics.
     
  • Technical documentation - preparation or updating of readable documentation describing IT systems, services, software, processes etc., plus training materials, launch packs, technical support guides and more.
     

* We don’t supply ISO27k support tools/systems ourselves (aside from our own document templates), and we have no commercial or sales/commission relationships with commercial tool suppliers. Call on us for competent, independent guidance and truly dispassionate advice.

Contact us

IsecT: security in IT

Copyright © IsecT Ltd. 2023

Information risk and
security consulting