SOC2 | ISO27001 | NIS2 | Cyber Essentials Guidance

Cyber Essentials

Our consultants work closely with your team(s) to allow you to achieve Cyber Essentials / Cyber Essentials+ rapidly.

CE / CE+ is a baseline accreditation any organisation, small or large, should have, but achieving it is quite simple.

Our consultants will prepare your organisation, review technical capabilities and processes to allow you to complete the assessment rapidly.

Dependent on your organisation we can often have you ready for a Cyber Essentials assessment in a day*

Speak to a Consultant

ISO27001

ISO27001 certification demonstrates to customers and competitors alike that you have a baseline of Information Cybersecurity policies and procedures in place that have been reviewed and audited.

Implementing an Information Security Management System (ISMS) and an Information Security Management Forum (ISMF) alongside well defined (and organisation relevant) policies, procedures and processes are the first steps on the journey to certification.

Our consultants will review your current practices, policies, procedures and general Information Security Management and advise on the simplest strategies to align with the requirements of ISO27001 and become certified, year on year.

Speak to a Consultant

NIS2

The NIS2 directive (formerly NIS) came into effect in 2023, and is the EU-wide legislation on cybersecurity. The NIS2 Directive provides legal measures to boost the overall level of cybersecurity in the EU by ensuring Member States’ preparedness, by requiring them to be appropriately equipped and resilient to cyber attack(s).

The NIS2 directive focusses on the following vital sectors;

• Energy
• Transport
• Water
• Banking
• Financial market infrastructures
• Healthcare
• Digital infrastructure.

Businesses identified by the EU  Member States as Operators of Essential Services (OES) in the above sectors will have to take appropriate security measures and notify relevant national authorities of serious incidents.

Our consultants have worked with multiple EU based organisations in the aforementioned sectors and assisted them to understand their current Cyber Security Maturity, their preparedness and assisted in completing Operator of Essential Services (OES) returns to the relevant member state authorities.

Speak to a Consultant

SOC2

A SOC2 audit reviews a body of evidence, often across a period of 9-12 months relevant to the scope, trust service principles and controls in place by the organisation.

SOC2 focusses on the body of evidence provided relevant to the policies, procedures, people, controls and processes in place. Essentially you must evidence what you state you’ve implemented.

Small issues in the control alignment will result in Minor non-conformities, whereas larger issues will result in Major non-conformities and likelihood of an audit failure.

Speak with one of our consultants to understand the requirements and nuances of SOC2 Type 1 and Type 2 audits, a review of your current controls and actionable advice, prioritised relevant to your organisation that will help enable you to pass a SOC2 audit by a Certified Public Accountant (CPA).

Speak to a Consultant