Governance delivered with technical depth
Cyber GRC without technical grounding produces policies that don't reflect reality. These services combine framework expertise with hands-on security knowledge to deliver governance that auditors, regulators, and technical teams all trust.
Our Services
Cyber Security Gap Assessments
Identification and evaluation of cyber risks across people, process, and technology mapped to your risk appetite, regulatory obligations, and existing control environment. Delivered against ISO 27001, DISP or your preferred framework.
ISO27001 Implementation
End-to-end support for ISO 27001 implementation or recertification - from gap assessment and risk treatment planning through to policy development, control implementation, and preparing your organisation for external audit.
Cybersecurity Policy & Framework Design
Development of cyber security policies, standards, and procedures that reflect your operating risks and environemnt. Includes integration with your existing risk management and compliance architecture and alignment to applicable regulatory requirements.
Training, Culture and Advisory
Training, culture and advisory services help your people become the strongest link in your cyber defence. I design and deliver targeted awareness programs, executive and board briefings, and GRC capability uplift, with clear outcomes and practical tools
Regulatory Compliance
Practical compliance support across Australian cyber and information security regulatory obligations such as SOCI, APRA, and privacy - from gap assessment and program design through to evidence preparation and ongoing assurance. Delivered with an understanding of what regulators actually look for, not just what the legislation says.
Incident Response Planning & Testing
Incident Response Planning & Testing ensures you can manage cyber incidents calmly and confidently. We design and run realistic tabletop and technical simulations to exercise your incident response playbooks, testing detection, decision‑making, communication, and recovery so you improve before a real incident.
Privacy Impact Assessments
Privacy Impact Assessments identify how projects, systems, or vendors collect and use personal data, and whether that creates compliance, security, or trust risks. We analyse data flows, legal obligations, and controls, then recommend practical changes so privacy risks are reduced, justified, and well‑documented.
DISP Membership Applications
DISP Membership Applications support organisations seeking entry to, or uplift within, the Defence Industry Security Program. We help interpret DISP requirements, assess your current security posture, prepare evidence and documentation, and build uplift plans so your application is complete, and aligned to Defence expectations.