Scale Securely

Protect your growth with confidence

As your business expands, so does the volume of sensitive data and the complexity of keeping it safe.

I help you embed robust information security and data privacy practices into your operations – building resilience, enhancing customer trust and managing risk. 

Get started now!

Set up a free, 1-hour, no-obligation chat to assess your needs.


Information Security with ISO/IEC 27001

ISO/IEC 27001 is an international standard that provides a framework to establish, implement, maintain and continuously improve an information security management system (ISMS).

The standard helps businesses of all sizes manage and protect their information assets by identifying, assessing, and mitigating security risks. Conforming to this standard demonstrates that you have put in place systems to appropriately manage risks related to information security.

Even if you are not targeting certification against the standard, it is a great framework to use to improve your overall security posture. 

I can help:

  • identify and assess your information security risks, and build a comprehensive risk management methodology;
  • design and implement your ISMS in line with your business and security objectives;
  • plan, manage and conduct internal audits to find what’s working and what could be improved;
  • maintain your ISMS on an ongoing basis;
  • continually improve your ISMS; 
  • develop policies, procedures and other documents required by the standard; and
  • implement the right tools for ongoing management of your ISMS.

Data Privacy with ISO/IEC 27701

ISO/IEC 27701 is an extension to ISO 27001 that helps to implement controls specific to the protection of personal information. Implementing the controls of this standard drives POPIA compliance and is closely aligned with the requirements of the European Union’s GDPR. 

I can help:  

  • define appropriate controls to protect your data in line with the standard; 
  • integrate ISO/IEC 27701 into your existing ISMS;
  • identify gaps between your practices and the POPIA requirements; and
  • recommend 3rd party services for GDPR compliance.

3 Steps to Success!

FREE, no-commitment introductory consultation
to determine your needs and assess your readiness for ISO/IEC 27001.

Step 1: Assess and Align
Every business operates in a unique context and is exposed to unique risks. We start by gaining an understanding of your business context. We assess your current security posture, identify gaps and define the scope of your ISMS to align with your business goals.

Key Activities
  • Identify information security risks and key assets.
  • Conduct a gap analysis and provide actionable results.
  • Define your ISMS scope and objectives.
Step 2: Build and Secure
A well-structured information security management system (ISMS) builds a strong foundation for protecting your business. We help you implement relevant security controls, develop essential policies and help you train your team to ensure long-term conformance and safe practices.

Key Activities
  • Develop policies, procedures and controls to mitigate risks.
  • Implement security measures, tailored to your business needs.
  • Train employees to ensure awareness and safe practices.
Step 3: Certify and Grow
ISO 27001 certification is not the finish line; it's a milestone on your journey to continuous improvement. We guide you through internal audit, management reviews, external audit for certification and provide ongoing improvements to keep your business secure and resilient.

Key Activities
  • Conduct an internal audit to verify readiness.
  • Undergo certification with an accredited auditor.
  • Continuously monitor, improve and adapt to new risks.

DataSure has partnered with isms.online to provide you with a platform that:

  • Streamlines your ISO/IEC 27001 certification;
  • Accelerates your implementation with pre-built tools, policies and controls;
  • Helps you track your progress and keep your documents organised, in one place;
  • Reduces admin time by 50%; and
  • Helps you communicate and collaborate with your team and external parties.

My Approach

I help businesses scale securely by building and embedding robust information security and data privacy practices that keep pace with growth.

Whether on a fixed-hours contract or a project-based fixed-fee engagement, I work with you to define clear deliverables that meet compliance requirements while enabling operational agility.

My collaborative and people-first approach ensures that security isn’t just a checkbox exercise; it’s a culture that empowers your team and protects your customers as you expand.

Recent Articles

ISO 27001

What is ISO/IEC 27001?

Information security and data privacy are becoming increasingly important for businesses of all sizes, and across all sectors. The rapid increase in cyber-related incidents in South Africa, particularly affecting smaller, more vulnerable organisations, requires urgent attention. The purpose of information security is to protect information assets from unauthorised access, maintain

ISO 27001

Should you DIY your ISMS implementation?

Having made the decision to implement an information security management system (ISMS), your first big decision is on whether you should do it yourself or work with external specialist consultants. Key Takeaways It is possible to do this alone, but don’t underestimate the effort required to do so. There are

Information Security

ISO 27001 and the PDCA cycle

When it comes to improving your business’s information security, ISO/IEC 27001 is one of the most recognised standards in the world. But for many small or medium-sized organisations, the idea of implementing it can feel overwhelming. Where do you even start? That’s where the PDCA cycle comes in. Key Takeaways


Ready to scale securely?