
There is a myriad of regulations, standards, and compliance frameworks for information and cyber security. We can assist your compliance, certification and effective security management.

ISO 27001:2022

ISO 27001 is a globally recognised standard for Information Security good practice. Achieving ISO 27001 certification demonstrates a commitment to protecting data and provides assurance to clients, stakeholders, and regulators.

Deviceology services are designed to guide clients through the process of achieving certification. We provide end-to-end support that includes initial gap assessments and education, tailored policy and procedure development, and hands-on assistance in implementing the necessary security controls.

Post-certification, our internal audit and monitoring services help you sustain compliance.

Cyber Essentials

The UK’s Cyber Essentials scheme is a government-backed certification focussed on ensuring key controls and processes are in place to help organisations protect themselves against common online threats.

Achieving Cyber Essentials certification demonstrates that an organisation has implemented essential cybersecurity measures, and it is required to demonstrate compliance with NHS digital technology assessment criteria. The scheme assesses five key areas: secure configuration, boundary protection, access control, patch management, and malware protection.

There are two levels of certification: Cyber Essentials and Cyber Essentials Plus. The Plus certification involves external testing of an organisation’s networks and devices.

Deviceology guides our clients through the requirements and supports them through certification. We provide tailored recommendations to meet the scheme’s requirements and can assist with implementing the controls and configurations needed to certify.

NHS DSP Toolkit

The Data Security and Protection (DSP) Toolkit is an online tool that allows organisations to measure their performance against the National Health Service’s (NHS) data security and protection requirements in the United Kingdom. Organisations that access NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

At Deviceology we will review your data security and compliance arrangements to find areas for improvement, update necessary documents and controls, and evaluate current risk assessments. We will conduct a staff survey on data safety awareness, compare your controls to DSP Toolkit requirements, and add new ones if needed. We will also set up emergency plans and reporting systems, and assist in completing the DSP Toolkit submission.

The Framework for AI Cybersecurity Practices

A framework for AI Cybersecurity Practices addresses the evolving challenges and risks associated with AI cybersecurity and with securing AI implementations effectively.

Deviceology helps our clients establish clear guidelines and protocols for handling sensitive data, mechanisms to detect and mitigate adversarial attacks and vulnerabilities, and security measures to address evolving threats and adopt emerging best practices.

Our regular audits and assessments can be used to assess the effectiveness of the cybersecurity strategy and ensure that any deviations from compliance are promptly addressed.

Other Regulations, Standards and Frameworks

We have experience with a myriad of other regulations, international standards, and frameworks that necessitate specialised support to implement and demonstrate compliance, including service organisation control (SOC) reports, NIST, and PCI-DSS standards. Should you find that the specific guidelines you require assistance with are not listed above, please do not hesitate to reach out to us and, if we can help, we will.

Deviceology is passionate about doing the right things, the right way to bring devices safely to market.
