8th August 2018
Recognised by Gartner as an IRM (integrated risk management) solutions provider, we are a growing business with over 12 years’ experience, 400+ customers and a GRC (governance, risk, and compliance) renewal rate of 98%. We are proud to hold the following accreditations, and our team works hard to retain them every year:
ISO 27001 is the best-known ISO standard providing requirements for an information security management system (ISMS). Compliant organizations have demonstrated they take a systematic approach – including people, processes, and IT systems – to manage sensitive company information so that it remains secure. ISO 27001 companies have been independently verified as achieving operational excellence, minimizing the risks to potential data security breaches.
The ISF is the world’s leading authority on cyber, information security and risk management. As a member, we have access to a comprehensive library of research reports, which includes risk analysis and continuous benchmark tools and methodologies. It’s an exclusive organization where members can collaborate, share any challenges and develop solutions with their global peers, as well as learn about the latest security issues from industry experts.
The CHECK scheme enables penetration testing by NCSC approved companies, employing penetration testing personnel qualified to assess IT systems for the Government and other public sector bodies. To become a CHECK company, you must apply and be approved by the assessment panel. This requires you to meet a strict set of requirements, which includes personnel holding SC clearance, passing annual examinations and providing evidence of penetration testing experience.
CREST provides organizations wishing to buy penetration testing services, threat intelligence or incident response services, with confidence that the work will be carried out by qualified individuals with up-to-date knowledge, skill, and competence of the latest vulnerabilities and techniques used by real attackers. CREST member organizations have demonstrated a level of assurance of processes and procedures and validated the competence of their technical security staff.
The PCI Security Standards Council maintains a structured process for security solution providers to become Approved Scanning Vendors (ASVs), as well as to be re-approved each year. The five founding members of the Council recognize the ASVs certified by the PCI Security Standards Council as being qualified to validate adherence to the PCI DSS by performing vulnerability scans of Internet facing environments of merchants and service providers.
Cyber Essentials Plus certified organizations have a clear picture of their organization’s cybersecurity level and have been verified by independent experts as demonstrating they have the cybersecurity measures in place to protect against an attack. Affiliates must comply with the requirements of the scheme, which center on five technical control themes: firewalls, secure configuration, user access control, malware protection and patch management.