Compliance Advisory and Implementation
We will help you meet your regulatory needs in the most cost-effective and time-efficient manner.
Wilbourne holds certified partnerships with Drata and Vanta.
Description of Services:
Advisory:
We will review your approach to developing a mature and defensible Information Security Management System (ISMS). This will involve reviewing your risk assessments, documentation and policies, as well as testing your controls. We will identify gaps in your ISMS and recommend actionable steps to implement the necessary controls to achieve ISO27001 or SOC2 attestation.
Implementation:
Wilbourne will collaborate with you to implement the controls identified as absent or deficient in the prior Advisory phase. The depth of implementation will be decided by your leadership team and influenced by the bandwidth of your internal resources.
Our Methodology:
Controls Review and Gap Analysis
Documentation Review
SOC2
Controls Implementation
ISO27001
Risk Assessment and Controls Testing
Evidence Collection
Mock Audit and Controls Corrections
ISO27001 compliance can also be achieved through successful SOC2 attestation. Many of Wilbourne's clients have engaged us to deliver both SOC2 and ISO27001 workstreams in the past. If both SOC2 and ISO27001 are relevant to your organisation, pursuing both at once can be a cost-effective and efficient approach.
Questionnaire:
We will guide your organisation through the certification process, whether for your entire company or a specific subset. This certification focuses on assessing your cybersecurity maturity through a questionnaire, covering critical areas such as access control, patch management, and secure configuration. Our team will review your responses, ensuring they align with the Cyber Essentials requirements. We will identify any gaps, provide clear recommendations to address them, and validate your compliance to deliver your Cyber Essentials certificate with confidence.
Further Implementation:
We will support your organisation in achieving this certification starting with the same foundational steps as Cyber Essentials. Once the questionnaire is completed and compliance is confirmed, we will conduct a rigorous technical assessment. This includes scanning your external-facing systems to identify and address high-risk vulnerabilities, evaluating your internal systems for security weaknesses, and assessing the effectiveness of your email and malware defences. Our thorough review ensures your organisation meets the enhanced standards required for certification, providing added assurance of your cyber security resilience.
Complimentary Cyber Essentials Services:
Pre-Cyber Essentials Workshop
To minimise your chances of being non-compliant at the time of the assessment and subsequently failing the certification process, we can deliver a consultative workshop that prepares you and maximises your potential to achieve compliance and certification.
Why Use Our Services?
Cost Saving
We will remove the need to hire an expensive compliance team to satisfy your regulatory needs.
Time Efficiency
On average, we reduce the time to achieve compliance with various compliance frameworks by 40%.
Minimising Errors
Our team holds rich experience in helping clients achieve compliance, which maximises your success.