Risk, Security and Quality Advisory and Assurance
Understanding risk and being able to progress with assurance in your capabilities are fundamental to the process of undertaking transformational change, which is by its nature inherently risky.
There are so many threats that it can be hard to know where to focus, and what to take seriously. Our role as trusted advisers is to provide you with the information you need to manage the security risks to your people and information and ensure continuing quality in your operations and services.
Many of our consultants come from assurance backgrounds and bring extensive experience, legislative knowledge and professional impartiality to enable us to carefully scan your environment, understand your current practices, identify areas of vulnerability and develop strategies to mitigate them. Many of our consultants are industry certified, including IRAP, CISSP, CISA and CRISC.
As a core competency, this focus on risk, security and quality underpins much of the work we do – whether it is when implementing a standalone solution, reviewing data and information practices, designing a transformational programme, or advising on Cloud computing option.
Our assessments and remediation plans are based on International Organisation for Standardisation (ISO) guidelines, such as ISO31000, 27001 and 9001, Government legislation and directives, such as the Information Security Manual (ISM) and Protective Security Framework Policy (PSPF) and industry driven experience in providing assurance through technology, policy and experience.