Governance, security and compliance
Delivered by the people who will still be there in month six.
Senior, CISO-calibre practitioners. No handover to juniors after signature — which is the thing every consultancy promises and most quietly break.
Security
Security advisory and leadership
- Information security risk assessments
- ISMS implementation
- CISO advisory
- Virtual CISO — fractional security leadership for organisations that need the seniority but not the salary
Security
Operational security
- Security policy and framework development
- MSSP and cybersecurity team support
- Second-line IT risk management
- Programme uplift and maturity improvement
ISO
ISO management systems
Four standards, one senior team, one engagement.
- ISO/IEC 27001:2022 — gap assessment to certification
- ISO/IEC 42001 — AI management
- ISO 27701 — privacy information
- ISO 9001 — quality
- Statement of Applicability and risk treatment
- Internal audit readiness
Privacy
Privacy and data compliance
- POPIA compliance, end to end
- PAIA alignment and manuals
- RICA and Cybercrimes Act advisory
- GDPR alignment for international exposure
Privacy
Privacy Office and operations
Not just the assessment — the function that runs afterwards.
- Privacy Office establishment and operation
- Privacy Agent services under POPIA
- Deputy Information Officer appointments
- Privacy gap assessments and readiness reviews
AI governance
AI governance
For the board that has started asking what your AI actually does.
- AI governance framework design
- Responsible AI policy
- AI risk identification and treatment
- ISO/IEC 42001 assessments
- AI training video production for staff and board
Want to know if we cover your obligation? The coverage matrix maps every regulation and standard we work to against exactly what we do about it.
Is the deadline real yet?
Most people call us when it is. It is cheaper to call before.