GRC Consulting | 27001 Cyber Consultants | Assured GRC

Assured – Governance, Risk and Compliance

Assured Governance Risk and Compliance is an International professional services consultancy based in the City of London, United Kingdom. Its beginnings dating back to 1997 when Co-founder David Lilburn Watson established BCRM, a UK firm of London based Management Consultants that specialised in Cyber Security and Risk Management.

Today, Assured GRC consultants deliver Governance, Risk and Compliance solutions to organisations throughout the world.

The Assured GRC team consists of highly experienced, and specially selected, professional consultants based on their vast and unique experiences and professional reputations in their chosen fields. All have at least fifteen years practical experience for delivering quality assignments to Clients and who pride themselves on their honesty and integrity to provide the highest standard of service to their Clients.

Clutch is the best way to reach our audience and validate our commitment to providing exceptional service.

RISK MANAGEMENT

Our Services

Free Health Checks

Continuous Improvement

Certification & Remediation

Crisis Management

Cyber Security

A-GRC services at a glance

Health Checks ISO 9001, 19770, 20000, 22301, 27001 and more.
ISO Standards Gap Analysis and Preparation for Certification
Crisis and Communications Management Consultancy
Business Continuity and Disaster Recovery Consultancy
Cyber Security and Digital Forensics Consultancy
Management Systems and Risk Management Consultancy
Software Asset Management Consultancy
Remediation and Continuous Improvement Consultancy

For a full list A-GRC services please follow link

A number of the A-GRC ISO Consultants are also employed as freelance Certification Body Auditors, so are able to see the process from ‘both sides’. This insight allows them to make informed and pragmatic insights into the management system process and development for optimal business use.

A-GRC are independent consultants who do not supply any of the security equipment that they may specify for a Client.

Case Studies

ISO Standards

Sit on IST 33 that develops the ISO 27xxx range of standards.

P&I Club

Implement their GDPR processes, updated from DPA 98 and integrate into their ISO 19600 Compliance Management System (ongoing)

Civil Engineering Firm – Rail Infraco

Implement Cyber Essentials and elements of 10 Steps into their existing Integrated Management System and gain certification. (Duration 5 months) They passed

Marketing and Advertising agency

Perform ISO 27001, 22301, ISO 9001 and GDPR consultancy to get them through Certification be developing an ISMS with relevant supporting policies and procedures. (ongoing, passed stage 1 audit).

HNW Bank

Designed and implemented BS 10008 processes and procedures to enable them to pass a certificate of registration. (Duration 6 months) They passed

Medical Devices Organisation

integrating the requirements of HIPAA into their existing ISO 27001 and ISO 13485 certified systems.

Financial Clearing House

upgraded their ISO 27001:2005 to ISO 27001:2013 with a scope expansion and taking them through to gain a certificate of registration. They passed (Duration 3 months).

International Risk Consultancy

advice on ISO 27001 scope expansion and detailed gap assessment for the revised scope across 4 countries (Duration 6 months).

National Broadcasting Organisation

advice on governance risk and compliance for a new broadcasting channel for consumers based on ensuring appropriate data custodianship and governance – used ISO 27001 as the benchmark. Reporting to the Launch Director (Duration 3 months)

Telco

Lead the Telco to ISO 27001 certification for their smart metering rollout of 53 Million smart meters in 20 Million homes. This included integration of existing disparate systems including the CAS(T) / PSN backbone and associated infrastructure. Reporting to the CISO. Took them through ISO 27001 Certificate of Registration. They passed. (Duration 18 months)

Creative Consultancy

provide ongoing advice for their migration from ISO 27001:2005 to ISO 27001:2013 and integration of ISO 9001 and ISO 20000 into their IMS. Reporting to the IT Director (Duration 3 months)

P&I Club

Implement a governance and compliance process based on ISO 19600 and FCA guidance. Provide training for implementation. Governance, risk and compliance implementation. Reporting to the Managing Director (Duration 6 months)

Lloyds Shipping Broker

Work with the Governance and Compliance Director to create an integrated management system for governance, risk and compliance including FCA / PRA Handbooks, ISO 9001, ISO 27001, ISO 19600 and BS 10500. Provide training for implementation. (Duration 3 months)

Cyber Security Consultancy

Management systems implementation and auditing (ISO 27001, 9001, 20000, 22301, 17025, 17021). Multiple clients in Financial Services, Telco’s, UK Government and general commerce. Worldwide Lead for ISO management systems. (Duration 12 months).

Cloud and Outsource Service Consultancy

Perform ISO 27001 consultancy to get them through Certification by developing an IMS with relevant supporting policies and procedures. Performed internal audit function doing first and second party audits and gap analyses for their key suppliers. – They passed (Duration 6 months)

Creative Consultancy

Perform ISO 27001 consultancy to get them through Certification be developing an IMS with relevant supporting policies and procedures. Performed internal audit function doing first and second party audits and gap analyses. .Acted as interim Information Security Officer. – They passed (Duration 12 months)

Telco

Gap analysis of major Telco’s merging to identify gaps and recommend remediation for the new joint venture. Work is based on SarbOx, ISO 27001 and PCI DSS compliance (Duration 6 months).

Identity Management Start-up

Develop policies and procedures for a truly integrated peer to peer legal interoperability platform. Case studies included Health, XBRL, Law Firms, Smart Metering, Government / Citizen Services, SEPA. (Duration 18 months).

National Monetary Agency

Perform ISO 9001 consultancy and develop quality management continuous improvement processes to get them through certification and implementation of a quality management framework to continuously improve the business. This is to integrate with the ISMS developed in 2007 and their PCI DSS processes and forms part of their IMS – They passed (Duration 12 months).

Defence Contractor

Write a security plan for them for a multi-billion GBP security contract for a UK government department – ISO 27001, ISO 9001 , JSP 440, HMG InfoSec Standards (ISx, Memos and GPG) and integrated management systems (Duration 1 months).

Data Analytics Company

Perform ISO 27001 consultancy to get them through Certification – They passed (Duration 9 months).

Lloyd’s Broker

Development and testing of a business continuity plan to meet the requirements of BS 25999 and their business requirements (Duration 12 months).

Management consultancy

Development and implementation of a corporate governance and risk management (GRC) framework and implement it. This covered ISO 9001, ISO 20000, ISO 25999, ISO 27001, various legislation and best practice leading to certification (Duration 18 months).

Global Research Company

Implement ISO 27001, ISO 25999, ISO 9001 and Tickit to be able certification, based in Sweden and implementation of information risk management framework. They passed (Duration 30 months).

National Monetary Agency

Perform ISO 27001 and PCI DSS consultancy and develop security architecture framework to get them through certification and implementation of information risk management framework – They passed (Duration 12 months).

International Consultancy

Policy, procedure and consultancy advice for Digital Identity management. (Duration 6 months).

Consultancy

Creation of a Data Protection process and performing an audit to the 1998 DPA (Duration 6 months).

University Computer Centre

perform ISO 20000 and ISO 27001 (Service Delivery and Security) rollout for certification. Development of a BCP to support the certification. They passed (Duration 12 months).

Armed Forces (Army and Navy) UK

Training in Information Security for IRCA Certificated Auditor courses. Witnessed course passed by IRCA and so course certified.. (Duration 1 week).

List X Company

Audit existing ADS, SSPs and SyOPS, rewrite and align with BS 7799 and ensure compliance with IS1/2, GPGs and other relevant CESG guidance). Redo BCP and other procedures and submit for BS 7799 certification and upgrading to ISO 27001. They passed (Duration 6 months).

Investment Bank

Compliance audit including SOx, GLB, PCI DSS and BS 7799 with recommendations for closing the gap identified (Duration 3 months).

Cheque Printer

Perform ISO 27001 consultancy to get them through Certification – along with APACS 55 certification. They passed

Rail Infraco

Develop a set of business continuity plans for the Infraco. These covered loss of facilities rather than the traditional ‘railway crash’ scenarios.

Major City Law Firm

Review current client facing Internet applications from a security standpoint and make recommendations for improvement. This included technical testing as well as management reviews.

Major City Law Firm

Evaluate requirements for DRP and BCP for London office (main office). Plan and implement both plans and create templates for rollout to the remaining offices (22).

UK Government Department

created their security management plan, based on ISO 27001 SPF and supporting standards, for the whole department.

Language:

Information Governance, Risk
& Compliance Consultants

Assured – Governance, Risk and Compliance

PROVIDE GOVERNANCE

HEALTH CHECK

CERTIFICATION SERVICES

BUSINESS CONTINUITY

CYBER SECURITY

RISK MANAGEMENT

Our Services

Free Health Checks

Continuous Improvement

Certification & Remediation

Crisis Management

Cyber Security

A-GRC services at a glance

Case Studies

Case Studies