Information risk and security management - including: strategy and policy development; identifying, evaluating and treating risks; benchmarking; and business continuity management.
Security awareness and training programs - programs that actually work, fostering a strong corporate security culture at all levels from the office cleaners to the CEO and Board.
Security courses, seminars and briefings - explaining stuff, motivating and guiding people.
Security metrics - designing and implementing a suite of metrics to manage information risk and security systematically, effectively and efficiently; reviewing and evaluating existing metrics.
ISO27k - help to adapt and adopt the good practices from the ISO/IEC 27000 standards; gap analysis; internal audit; pre- and post-certification support.
IT auditing - IT audit strategy development and planning; audit management; data center and software development projects audits.
Project management and governance - building and leading teams.
Interim management - holding the reins and assisting with the recruitment and mentoring of a permanent replacement.