Privacy & Security

Did you know that?

• there are only 5 steps you need to take to be accredited with Cyber Essentials!  With our guidance this level of protection isn’t that hard to achieve.
• as part of your information strategy we can work with you to ensure your governance, risk and compliance aligns with your business goals and strategy.
• a data privacy notice forms the baseline of your legal requirement to do business and places you in a strong position for data processor agreements and additional protection for your business and clients.

Through our partners we are committed to providing you with the best advice and content services to match your business requirements.

Why not take the first step and we can undertake an initial privacy and security health check.

This is an example of what we offer though our Associates:

Contracts of Employment

• Data Privacy Notice.
• Data Processor Agreements.
• Information Strategy Advice.
• Policies, Procedures, Handbooks and Data Control Design.
• Cyber Essentials documentation.
• Assistance with Vendor Security Questionnaires.

Contact us for a full list of services.

Cyber Security Handbook

• easy to read and understand content that aligns with your business requirements allowing all staff to understand their obligations.
• forms a workbook to assist in ongoing accreditation.

Policies and Procedures

Where a policy is listed we can provide the associated procedures, standards, handbooks and guidance to accompany them.

Asset Management

• Acquisition of hardware, software and services
• Backup & Restore
• BYOD
• Classification of information
• Clear desk policy
• Data sharing and exchange
• Data Privacy Notice
• Handling/disposal of computer equipment & information assets
• Intellectual property
• Media handling
• New Computer Setup Policy
• Ownership and responsibilities
• Patch Management
• Physical security
• Risk Register

General

• Access Control
• Audit Policy
• Business continuity, disaster recovery, and resilience
• Information Security Policy
• Information Security Strategy Guidance
• Physical and environmental protection
• Secure business operations
• Security Policy

People

• Acceptable use of computers
• Architecture
• Assessment
• Change Management
• Data and account access
• Data Processor Agreement
• GDPR Data protection
• Exit Procedure
• E-commerce and credit card handling
• Governance
• Incident and event management
• Legal and regulatory compliance
• Passwords and key management
• Remote access - VPN
• Remote working
• Remote Server Access
• Security Roles & Responsibilities.
• Risk management
• Special Privileges Register
• Supplier Security Compliance
• Third-party services
• Training and awareness

Technology

• Authorised Software Policy
• Communications
• Configuration management
• Encryption
• Internal Server Security
• Cloud Computing
• Internet Connection
• Mobile devices
• Monitoring
• Protection against malicious software
• Testing

The policies above can be purchased individually or as a suite at a discounted rate.

Consultancy

If you can't find what you are looking for, our Associates can offer bespoke Consultancy tailored to you business needs.

‍