ISOaaS provides an experienced Information Security Officer to manage an organisation’s information security and risk management operations on a fractional basis, ensuring all systems and data are secure and compliant with regulatory requirements.
The Information Security Officer service is a convenient and cost-effective way for businesses to access industry-leading cyber security knowledge in a flexible and agile manner. A professionally certified and experienced security consultant enables an organisation to benefit from their years of security expertise and delivers clarity, confidence, and certainty for your digital, cyber security and network journey.
Fortis delivers expert guidance and best practice advice via our team of highly experienced and qualified security professionals who support clients to accelerate, shape and deliver a coordinated information security program and manage business security risk.
Information Security Officer as a Service
Central point of contact for all information security matters
Easy access to specialist advice and industry experience
Seamless integration with your existing team
WHAT ARE THE BENEFITS?
Delivers assurance in your information security program
Cost-effective alternative to employing in-house staff
Access to other trusted cyber security professionals via the ISOaaS conduit
"My experience working with Fortis has been outstanding. Their professionalism, expertise, and commitment to delivering exceptional results have truly set them apart."
Flexible and scalable service
Richard Pilkington
IT Security Manager
NCSC Assured Service provider for the Cyber Advisor Scheme:
Demonstrates that cyber security advice meets the approved standard of the National Cyber Security Centre.
BSI Associate Consultancy and LRQA Registered Consultancy (ISO/IEC 27001:2022):
Provides expertise and advice to implement the requirements for ISO certifications. We can help you put industry best practice into place within your business and support you throughout implementation as you work towards or maintain certification – sharing our knowledge of regulatory requirements and showing you how to stay compliant.
Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance certification body:
Provide services to assess and certify organisations under the NCSC’s Cyber Essentials scheme or become certified to the IASME Cyber Assurance standard.
CREDENTIALS
Our Information Security Officers hold a number of professional qualifications which include NCSC Certified Cyber Professional, Certified Information Systems Security Professional, Certified Information Security Manager, and ISO/IEC 27001 audit/implementor. As a company Fortis also holds a number of leading industry accreditations including:
"We have been delighted with the exceptional service provided through Fortis’ Information Security Officer as a Service (ISOaaS). The firm’s wealth of knowledge, security assessment capabilities, and customer-centric approach have been invaluable."
Mike Powell
CEO
Risk Management
Identify, manage and remediate potential information security risks; maintain currency with new guidance, standards and technologies; monitor and assess risk and vulnerabilities, developing strategies to mitigate them.
Cyber Incident Response
Design and implement a robust incident response capability; oversee incident response activities; manage investigations and resolution; collaborate with external parties in support of an industry-wide threat response.
Information Security Consultancy
Design, generate and maintain information security policies and accompanying standards, procedures and guidance; ensure information security compliance with relevant regulatory frameworks.
Information Security Governance
Expertise in cyber strategy. Provide advice to senior stakeholders on information security risks; develop and implement a comprehensive security program; stay updated on the latest security trends.
Security Awareness
Develop and implement a security awareness training programme for staff to promote a company-wide culture of cyber security awareness.
SERVICE DELIVERY
Fortis liaises with each client to identify the most appropriate level of support to align with business objectives, budget, and timeline. The Information Security Officer then works for the business for a pre-agreed number of days every month, usually over the course of a 12-month period, acting as a central point of contact and guidance for all information security matters.
ISOaaS is completely flexible and tailored to suit the needs of each individual client, allowing access to key cyber and information security services, including, but not limited to:
"Sundown has worked with Fortis over several years. The team are always on hand and are so knowledgeable that they know what you need even before you need it."
Heath Groves
CEO