PRIVACY POLICY We neither collect nor store your personal data. We do not have the relevant technology through which to do so. This website is a shop window. It contains no relevant functionality and is not supported by advertising.


At SPS we view information assurance in the context of the organisational objectives.We understand the broader business and governmental concerns and, by working in partnership, provide a professional consultancy service, within the ISO27001 Information Security Management framework. SPS will work with you to understand your objectives and assist you in minimising your information governance risks. Our experience and depth of knowledge enables us to provide pragmatic and effective solutions to meet our customer’s needs.

Our consultants work within a defined information governance lifecycle. Services include:

  • CISO as a Service
  • DPO as a Service 
  • Gap Analysis (for ISO27001 / Information Security, PCI Compliance, GCSx Code of Connection, Data Protection & Freedom of Information Compliance)
  • Implementation - Policies, standards, procedures and guidelines – review, creation, development and implementation, through to Statement of Applicability
  • Maturity assessments – utilizing relevant available suitable frameworks (COBiT, NIST, C2M2, CMM)
  • Information Security Awareness – program development and implementation
  • Information Security / Assurance Overview training – what’s it all about? – tailored for delivery to both senior executives and managers as well as day to day operational staff / employees
  • Dependency Modeling/Risk Assessment addressing organisational information assurance issues and business objectives
  • Business Continuity Management and Disaster Recovery reviews and plan development
  • Information Asset Management – review of inventory, assistance with audit, assistance with Protective Marking / Information Classification, labeling and handling – both in terms of policy/procedure/guidance creation and implementation as well as review of actual information assets identified and assessment of the appropriate marking to be applied to them
  • Breach Notification / Incident management – communication plan development and incident management support


You can email me directly - or via

You can call me, text me, WhatsApp me, connect on LinkedIn.

You can send me a tweet - I might even see it. As a security professional, I'm not keen on this form of communication!

Google knows where I am at all times - you can hunt me down through various media should you wish for my assistance! I look forward to hearing from you.