GRC SERVICES
Information Security Audits
We assist in identifying the products and procedures necessary for Information Assurance. Our expertise lies in collaborating with clients to create and implement efficient, practical policies, procedures, and arrangements that govern their information security, a cornerstone of effective governance.
Our audits are meticulously crafted to deliver an honest and rigorous evaluation of an organisation's security posture, ensuring the protection of its critical information. We offer a systematic and quantifiable technical review of your organisation's security strategies, providing a transparent and assessable method to gauge the true security of a site and its infrastructure. Our approach includes comprehensive interviews with personnel, vulnerability scans, scrutiny of operating system configurations, analysis of network shares, and review of historical data.

Our Information Security Consultants have gained years of experience in:
- Risk identification, assessment and evaluation.
- Risk response.
- Risk monitoring.
- Information Security control design and implementation.
- Information Security control monitoring and maintenance.
GDPR Gap Analysis
The GDPR is crafted to be relevant for modern technology, updating data protection regulations for the 21st century and enhancing the privacy rights of EU citizens by granting them greater control. Our GDPR consultancy service aims to assist you, the data controller, in evaluating your overarching compliance with data protection laws. This includes addressing the new individual rights, managing subject access requests, obtaining consent, responding to data breaches, and appointing a data protection officer as mandated by the General Data Protection Regulation.
How Can We Help?

Our GDPR Services
In the information security and data protection arena, our GDPR services cover both training and assessment:
- Data Protection Impact Assessments (DPIA)
- GDPR Readiness Assessment and Gap Analysis
- Data mapping and classification
- Data protection and information security onboarding

Pros of GDPR Compliance
- Have policies and procedures to dictate how these should be used
- Training and awareness for staff to remind them of their responsibilities
- Provide the Information Commissioner’s Office (ICO) evidence that Data Protection is given significant importance within the organisation
Growing GRC takes partnership and collaboration. That’s why we’re excited to join Launch, Drata’s Partner Program.
Together, Kootek consulting will help shape the GRC industry with our leading information security services and Drata’s compliance automation, the world’s most advanced compliance automation platform.

ISO27001 Consultancy
Adhering to international standards is not without merit – it serves as a tangible demonstration of trustworthiness, diligence, and security. Marking a notable change since 2013, the ISO 27001 standards are undergoing substantial revisions to mirror the drastically evolved landscape of organizations, information technology, and cybersecurity.

How can we help you?
- Conducting a Gap Analysis to assess the level of compliance of the ISMS.
- Conduct Risk Management and Analysis to develop an asset register.
- The production of Statement of Applicability (SoA) – a key requirement of ISO 27001.
- Reviewing, advising and drafting Policies and Procedures.
- Conducting audits against ISO 27001.
Achieving ISO27001 Certification
Although the ISO 27001 standards are broadly applicable to all businesses, each company's situation is distinct. Therefore, we customize our services to fit each unique organization, transforming what was once an intimidating journey into a largely enjoyable path to full certification. Our role is to alleviate the stress of the process and assist you in enjoying the advantages of certification.
From the initial meeting to the concluding certification audit, our approach is to thoroughly comprehend your needs, devise processes that align with your operations, and establish a framework that integrates seamlessly with your business. Throughout this journey, we craft all necessary documents, processes, and records, equipping you with the requisite skills and expertise to attain ISO27001 certification successfully.
Supply Chain Risk Management
When outsourcing services to suppliers, it is crucial to comprehend the vulnerabilities and threats introduced to your business's information security. Our information security consultants help you identify your supply chain risks swiftly and cost-effectively. Our third-party risk management service enables customers to gauge the risk exposure from each third-party supplier relationship. Informed decisions can then be made to mitigate and control these risks through comprehensive risk assessments and ongoing monitoring.
Kootek's approach to Supply Chain Risk Management and its results
Approach
- Quickly identify and manage your actual risk.
- Apply appropriate level of security based on risk presented by the supply chain
- Remotely assess third parties
Results
- Information risk protection
- Regulatory Compliance
- Sustained business relationship
Outsourced Services
One of the problems organisations face is a shortage of information security resources, and they often lack the skill set to ensure the success of the information security management system (ISMS). Our certified and experienced consultants will assist with the management and execution of an information security programme that supports an ISMS and integrates governance, roles and responsibilities, and continuous monitoring across information security.
Why Is Information Security Training Important?
Frequently, mitigating information security and cyber risks can be as simple as clarifying permissible actions and prohibited behaviors to individuals. Consequently, education and awareness programs often provide the most significant return on investment.
Our Information Security Training Services
We offer bespoke information security training and cyber awareness to:
- Managers
- Employees
- Travelling Staff
In the following areas:
- General Data Protection Regulation
- Information Security
- Business Continuity and Disaster Recovery
- Information Governance
We collaborate intimately with our clients to craft and implement custom training programs that foster a culture of awareness and comprehension in Privacy, Data Protection, and Information Security, while also establishing an effective tool for risk identification. Our courses are instructed by seasoned professionals who excel in guaranteeing that you not only grasp the content but are also equipped to apply it directly upon your return to the workplace.
