Expanding our expertise
After achieving my ISO/IEC 27001:2022 Lead Implementer certification last year, I have now gained my ISO/IEC 27001:2022 Lead Auditor qualifications on a CQI and IRCA-certified course. This, along with my extensive knowledge of Quality Management Systems complying with ISO 9001:2015, will allow us to provide pragmatic solutions to all our clients for Information Security and […]
Why Most ISO 27001 Implementations Fail Before Certification
ISO 27001 Should Strengthen Your Business — Not Overwhelm It Many organisations begin their ISO 27001 journey with good intentions. They want to improve security, win client confidence, satisfy supplier requirements, or support growth into larger markets. Yet a significant number of implementations struggle long before the certification audit takes place. Not because ISO 27001 […]
Why Engaging a Consultant Is a Smart Move When Starting Your ISO 27001 Journey
Introduction Implementing an Information Security Management System (ISMS) aligned with ISO/IEC 27001 is a significant undertaking for any organisation. Whether you are pursuing certification to win contracts, meet regulatory expectations, or strengthen your information security posture, the early stages of implementation often determine long-term success. While it is possible to implement ISO 27001 internally, engaging […]
Why hire me…
I am an independent consultant based in the UK looking to help businesses and expand my portfolio, utilising my skills and diverse knowledge. I have worked in the IT and Software sectors for over 20 years. After progressing onto SaaS projects and guiding others in the requirements of ISO 27001 and other standards, including ISO […]
ISO27001:2022 Why get Certification?
In this age of growing amounts of data, along with the requirements of the General Data Protection Regulations (GDPR) and the Data Protection Act (DPA), it must be kept secure. GDPR and DPA provide the legal framework by which personal data must be managed, but very few details on the best approach to do this. […]
Know Your Business
A Product or Service Realisation diagram (also known as a process swim lane diagram) is essential in understanding the overall business. Most companies know what product(s) they make or their service (s). However, they may often not know precisely how all the activities interconnect to be genuinely successful. Whilst these diagrams require involvement from all […]
Tales of an Auditee – Part 2
Following my previous post, I have some more tales from being audited. The first example has happened a couple of times. It is where a customer has used an outside consultant to carry out the audit. They have not done their preparation entirely. After introductions, they begin their questions, and you wonder how these relate […]
Tales of a Auditee – Part 1
I have heard many tales of audits going wrong, but all seem to only be from the perspective of the auditor, which can make auditees feel more intimidated. I would like to address the balance and tell some of my stories as an auditee for the last 22 years. I hope these help other auditees […]
Keep It Simple Stupid
Using the KISS Principle
The Power of Why
Learning to ask Why is one of our most powerful tools in Qualiy.