The good news is that you can get started with straightforward measures which can defeat most basic attacks – you don’t need to dive into the complex or the cutting edge to be effective. As you grow in size and scope, you can broaden and deepen your capability to ward off threat and manage risk.

Whichever route or combination of routes you decide to take, we can help you get started, get better and stay on the right track. Click through each section for further details.

Identify your risk
Online Risk Assessment

Get a high-level assessment of where your main business risks lie with our information risk assessment. We’ll send you a free report on where you need to focus your improvement efforts.

Information Risk Healthcheck

A specialist risk review of your organisation with a critique of your cyber risk management arrangements. Includes clear demonstrable priorities for improvement and recommendations for action.

Awareness Workshops

Understand your information risks and make a start on managing them. Learn who should be responsible in your organisation and the benefits of getting it right.

Information Security Standards
Obtaining ISO 22301 Compliance
ISO 22301

Meet the business continuity and disaster recovery standards that are integral to your risk management strategy. ISO 22301 is the standard to follow for prevention of and recovery from disruptive incidents. Our Business Impact Assessment pinpoints areas to address and maps these to available resources and services.

Obtaining Cyber Essentials Scheme Compliance
Cyber Essentials Scheme - Cyber Essentials and Cyber Essentials Plus

Protect your business against common online security threats with this Government sponsored scheme. Certification is mandatory for businesses supplying products and services to Government. Become certified at two levels: Cyber Essentials and Cyber Essentials Plus.

Obtaining IASME Compliance

Demonstrate that you are taking good steps to properly protect your customers information. The IASME Governance Standard is considered an affordable and achievable alternative to ISO27001 and includes a Cyber Essentials assessment and an optional assessment against GDPR requirements.

Obtaining ISO 27001 Compliance
ISO 27001

Give your customers and third parties confidence that the information they share with you will be protected by a complete Information Security Management System (ISMS).  We can help identify the scope of your ISO27001 compliance project and select appropriate security controls to protect your information.

Obtaining Cloud Controls Matrix Compliance
Cloud Controls Matrix (CCM)

Demonstrate that you meet the CCM (Cloud Security Alliance Cloud Controls Matrix) security principles. They’ve been designed to guide cloud vendors and assist prospective cloud customers in assessing the overall security risk of a cloud provider. We can help vendors produce responses and customers interpret evidence given.

Obtaining PCI DSS Compliance

Protect your business from the damage that cardholder data theft can do. PCI-DSS helps protect you but compliance can be costly and time-consuming. We offer PCI-DSS consultancy and help with self-assessment questionnaires.

Industry Specific Compliance
Cyber Security Model (CSM)

Meet the cyber security standards that defence procurers require to contract with the MOD. The CSM is applicable to prime contractors as well as the supply chain. Our Gap Analysis process can guide you through CSM compliance.

List X

Demonstrate that your secure facility meets relevant MOD standards with List X certification. It’s essential if you plan to hold classified material at Secret level or above as part of a contract. Our List X Gap Analysis will give you an assessment of how much work you need to do.

List N

Protect the Sensitive Nuclear Information (SNI) you handle in accordance with Regulation 22 of the Nuclear Industries Security Regulations (NISR) 2003. A licensed operator will check your compliance with a series of measures and confirm List N status. Our Gap Analysis can guide you towards compliance.

Hot Topics

Build Information Assurance (IA) into your major public projects, especially those that involve sensitive information – right from the start. IA Inside from Ascentor, is a full lifecycle approach to building IA into the heart of your projects – it helps public sector buyers and suppliers make IA holistic, integrated and effective. IA Inside supports government initiatives to make systems Secure by Design.

BIM 1192-S5

Keep BIM (Building Information Modelling) models and their information safe from cyber threats. BIM 1192-5 is relevant to any organisation working with BIM, digital built environments and smart asset management. We can help you develop a strategy for implementing the security aspects of BIM.


Achieve a high level of cyber security and resilience through the Network and Information Security (NIS) Directive (D), designed for operators of critical national infrastructure and essential services. Our Gap Analysis and Risk Review service will help you understand your exposure and the measures you need to take to comply.


Ensure you comply with GDPR and continue to do so. It’s not just about compliance, it’s also an opportunity to review and optimise your data processing practices. Our tried and tested GDPR Gap Analysis will guide you through the maze.

Contact us

Your cyber security challenges and our pragmatic approach - we could be the perfect fit. Contact the team at Ascentor for an informal chat.