Meet the team
Our technology and digital consulting professionals are based throughout the UK.
Cyber Compliance & Assurance
ServicesConsultingTechnology & digital consultingCyber Security & Privacy
Cyber Compliance & Assurance
Achieve compliance with cyber laws, standards and frameworks
Cyber Compliance & Assurance
Cyber security compliance obligations are becoming increasingly complex. We assist organisations in achieving compliance or alignment with the landscape of all key SA and international cyber related laws, standards and frameworks.
Services include:
 |
 |
 |
 |
 |
 |
Cyber Essentials
Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security. It is a UK government backed scheme whose certification process is designed to help organisations of any size – all while keeping the approach simple, and pragmatic.
Our services include:
- Pre-assessment
- Formal Cyber Essentials certification
- Formal Cyber Essentials Plus certification
Forvis Mazars can certify organisations against both cyber essentials and cyber essentials plus.
ISO 27001
ISO/IEC 27001:2013 (also known as ISO 27001) is an international standard that sets out the specification for an ISMS (information security management system). Our services are designed to help organisations on their roadmap to ISO 27001 certification or alignment:
- Scope and framework development
- Policies and documentation support
- Risk assessment advisory
- Gap analysis
- Maturity assessment
- Remediation support
- Pre-assessment review
- Internal audit
SWIFT CSP
The Society for Worldwide Interbank Financial Telecommunications (SWIFT) Customer Security Programme (CSP) is a framework designed to help financial institutions improve their cyber security posture. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework. Our services include:
- SWIFT CSP audits
- SWIFT CSP assessments
- Internal audit reports on SWIFT CSP controls
System and Organisation Controls (SOC)
The American Institute of Certified Public Accountants (AICPA) designed SOC 2 and SOC for Cyber Security examinations to assist organisations of any size, regardless of industry and scope to, respectively, ensure the assets of their potential and existing customers are protected and as a framework for cyber security risk management. Our testing is based on the defined principles and criteria published by AICPA and is performed by experienced assessors. Our services include:
- SOC 2 readiness assessment
- SOC for Cyber Security readiness assessment
- SOC 2 examination
- SOC for Cyber Security examination
PCI DSS
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that organisations that accept, process, store or transmit credit card information maintain a secure environment. We help organisations navigate PCI DSS compliance requirements with a pragmatic approach. Our PCI DSS consultancy services include the following and we also have Qualified Security Assessors (QSA) within our firm:
- PCI DSS Gap analysis
- PCI DSS Scope reduction
- PCI DSS Policies and procedures documentation
- PCI DSS QSA support
NIS Directive
The NIS Directive, that aims to improve the security and resilience of network and information systems across the EU, was enacted in UK law as The Network and Information Systems Regulations 2018. We help organisations assess their level of compliance against the NIS Regulations’ requirements (14 high-level compliance principles from NCSC).
Get in touch
To discuss how we can ensure your business is compliant, please contact us using the form below:
Contact us today
If you would like a member of the team to contact you, please complete this form.