Certified Cyber Security Consultancy: Cyber Security Audit and Review
This cyber security consultancy is aligned with the requirements of the CESG’s Certified Cyber Security Consultancy Scheme (CCSC) and delivers bespoke consultancy services for compliance with the UK Government’s stringent security requirements.
The new scheme replaces the former CESG Listed Advisor Scheme (CLAS).
What can you expect from this consultancy service?
This service will deliver an independent assessment of your organisation’s compliance with UK Government security objectives, policies, standards and processes, such as the HMG Security Policy Framework (SPF) and IA Maturity Model (IAMM), and relevant industry or private-sector schemes such as ISO 27001, Cyber Essentials and the PCI DSS.
Guided by a CESG Certified Professional, you will receive consultancy support and advice on:
- Verifying that information processes meet the security criteria (requirements or policy, standards and procedures);
- Defining and implementing processes and techniques to ensure ongoing conformance to security policies, standards, and legal and regulatory requirements;
- Carrying out security compliance audits in accordance with an appropriate methodology, standard or framework;
- Providing impartial assessment and audit reports covering security compliance audits, investigations and information risk management;
- Providing an independent opinion on whether your organisation is meeting information assurance control objectives;
- Developing audit plans and audit regimes that match your organisation’s business needs and risk appetite;
- Identifying your organisation’s systemic trends and weaknesses in security;
- Recommending responses to audit findings and appropriate corrective actions;
- Recommending appropriate security controls;
- Assessing the management of information risk across the organisation or business unit;
- Recommending efficiencies and cost-effective options to address non-compliance issues and information assurance gaps identified during the audit process;
- Objectively assessing the maturity of an existing information auditing function using cross-government benchmark standards.
Why IT Governance?
With a strong background in ISO 27001 and cyber security, combined with extensive expertise in dealing with the private and public sector, IT Governance is well placed to deliver the guidance and support required to meet the stringent requirements laid out by the UK Government for information security and assurance.
Contact us for more information, or to speak to a member of our team about how IT Governance can help your project.