Identify. Quantify. Fortify.
At QCC, we are committed to helping you safeguard your greatest asset – your information. Drawing on a wealth of specialist technical knowledge as well as years of practical experience working for well-known private and public-sector organisations, we will guide you through every aspect of information security – from security management, risk assessment and incident management to payment card security and security awareness training.
Governance, Risk and Compliance (GRC)
Our qualified and skilled consultants can help organisations work towards and achieve full GRC capability. We use the Open Compliance and Ethics Group (OCEG) Red Book as a point of reference.
Security management
Our highly-qualified consultants can provide expert guidance on your information security strategy. Experience across a wide range of industry sectors includes defence, government, legal, pharmaceuticals and finance. Services include:
- Security framework implementation
We have extensive experience in implementing security frameworks to the following standards:
– ISO/IEC 27001
– COBIT
– COSO
– ISF - CESG Listed Adviser Scheme (CLAS) consultancy
With high-level security clearance, our consultants are approved by CESG (the information assurance arm of GCHQ) to provide information security advice to government departments and other organisations that provide vital UK services to the United Kingdom.
Risk management
Our skilled and experienced team will work with you every step of the way to identify areas of concern and identify strategies to improve the confidentiality, integrity and availability of your business assets. Services include:
- Risk management services
Our thorough understanding of the potential threats to your organisation’s information will help us to assess the risk to your data – and provide balanced, cost-effective strategies for improving information assurance. We have in-depth knowledge of a number of risk management methodologies. - Penetration testing and vulnerability assessment
Our penetration testing team use multiple cutting-edge techniques to test the resilience of your network.
Incident management
All organisations have an obligation to protect personal and business information, and in particular sensitive data. To ensure that any security breach is dealt with quickly and effectively, we can offer the following support:
- Incident response services
We offer help and advice following a security breach, ensuring the situation is contained and resolved, lessons are learned and remedial actions taken. This includes payment card breaches via Visa and MasterCard. - Training and workshops
We provide in-house or off-site training and skills development for key staff with responsibility for managing security incidents. - Policy review
Our experts will assess the effectiveness of your incident response procedure and help you formulate a robust incident management policy.
Payment card security
We have considerable experience in helping organisations to meet payment card industry security standards. We offer the following:
- Payment Card Industry Data Security Standard (PCI DSS) services
Auditing and consultancy support to help merchants and payment processors to comply with payment card industry security standards.
Security awareness training
Through workshops and one-on-one training sessions, our experienced consultants will ensure that key staff have the skills and knowledge they need to follow your information security policies effectively. Areas covered can be tailored to your specific requirements and may include:
- General information security awareness
- Incident management
- Information governance
- Risk management processes
- Vulnerability management
- Skills and competency assessment
