Services
Three engagement models. One operating standard.
Each engagement is scoped against a defined framework and delivered by senior practitioners. We do not deploy junior teams to learn on your programme.
Service 01
GDPR & data protection
A defensible data-protection posture under the EU GDPR, the Irish Data Protection Act and sector codes. We operate as your acting DPO or alongside your in-house function.
- Typical duration
- 6 — 14 weeks
- Cadence
- Quarterly review
Deliverables
- Article 30 record of processing activities
- DPIAs and Legitimate Interest Assessments
- Schrems II transfer impact assessments
- Vendor due-diligence and DPA library
- Subject-rights operating procedures
- Breach response runbooks and notification templates
Scoped under a fixed-fee engagement letter.
Discuss scopeFrequently combined with ISO 27001 readiness for an integrated control framework.
Service 02
ISO/IEC 27001 readiness
From gap to certification. We build the Information Security Management System your auditor will accept and your engineers will actually operate.
- Typical duration
- 10 — 16 weeks
- Cadence
- Annual surveillance support
Deliverables
- Scoping workshop and ISMS charter
- Risk assessment and treatment plan
- Statement of Applicability (Annex A:2022)
- Policy suite and control narratives
- Internal audit programme and management review
- Stage 1 and Stage 2 audit liaison
Scoped under a fixed-fee engagement letter.
Discuss scopeService 03
Ongoing compliance monitoring
A managed second-line function. We test controls on a rolling basis, scan the regulatory horizon and report directly into your audit committee.
- Typical duration
- 12-month rolling
- Cadence
- Monthly operating rhythm
Deliverables
- Quarterly control testing across in-scope frameworks
- Regulatory horizon-scanning briefings
- Issue and exception tracking
- Board-grade reporting pack
- Auditor and regulator point of contact
- Annual programme maturity assessment
Scoped under a fixed-fee engagement letter.
Discuss scopeNot sure which engagement fits your obligations?
A 30-minute scoping call is the fastest way to find out. No deck, no follow-up sales sequence.
Book a scoping call