IsecT’s professional services include:

  • Information risk assessment - assistance to identify, evaluate, prioritise and decide how to address information risks.
     
  • Information risk and security management - strategy, policy and governance; identifying, evaluating and addressing information risks; benchmarking; assurance; business continuity management and resilience.
     
  • ISO27k consulting - adapt and adopt the good practices from ISO/IEC 27001; implementation projects; gap analyses; certification support; competent, independent advice and guidance.
     
  • ISO27k support tools (service introduced March 2023) - help to determine your requirements, then survey the market, evaluate, select and negotiate prices for the most appropriate tools* for your organisation.
     
  • Security policies - preparing pragmatic policies and procedures plus creative awareness content for staff, managers and professionals.
     
  • Technical documentation - preparation or updating of readable documentation describing IT systems, services, software, processes etc., plus training materials, launch packs, technical support guides and more.
     
  • Post-incident reviews - dispassionately drawing out and evaluating relevant details, developing and elaborating on responses, initiating improvement activities.
     
  • Security metrics - designing and implementing a suite of metrics to manage information risk and security systematically, effectively and efficiently; reviewing, evaluating and improving existing metrics.
     
  • Security maturity - benchmarking i.e. reviewing an organisation’s information risk and security situation relative to good practices in the field, recommending and justifying improvements where appropriate.
     
  • Assurance - IT audits, ISMS internal audits & management reviews, data center & site/installation audits; software development project audits; cloud supplier assessments/audits; pre-certification audits (readiness checks) ...
     
  • Arbitration - independent, unbiased expert assistance to review, understand, challenge and respond appropriately to IT audit reports, nonconformities, supplier assessments etc. (this is NOT legal advice!)
     
  • Interim management - holding the reins, stabilising the situation and assisting with the recruitment and coaching/mentoring support of a replacement CISO or ISM.

* We don’t supply ISO27k support tools ourselves (aside from document templates), and we have no commercial or sales/commission relationships with tool suppliers. Come to us for competent independent guidance and truly dispassionate advice. We have no axe to grind, except yours.

Copyright © IsecT Ltd. 2023