top of page

ISOaaS provides an experienced Information Security Officer to manage an organisation’s information security and risk management operations on a fractional basis, ensuring all systems and data are secure and compliant with regulatory requirements.

The Information Security Officer service is a convenient and cost-effective way for businesses to access industry-leading cyber security knowledge in a flexible and agile manner. A professionally certified and experienced security consultant enables an organisation to benefit from their years of security expertise and delivers clarity, confidence, and certainty for your digital, cyber security and network journey.

Fortis delivers expert guidance and best practice advice via our team of highly experienced and qualified security professionals who support clients to accelerate, shape and deliver a coordinated information security program and manage business security risk.

Information Security Officer as a Service

Table Overall-01.png
Full Table.png

Central point of contact for all information security matters

Easy access to specialist advice and industry experience

Seamless integration with your existing team

WHAT ARE THE BENEFITS?

Delivers assurance in your information security program

Cost-effective alternative to employing in-house staff

Access to other trusted cyber security professionals via the ISOaaS conduit

Main Table-01.png

"My experience working with Fortis has been outstanding. Their professionalism, expertise, and commitment to delivering exceptional results have truly set them apart."

Flexible and scalable service

Richard Pilkington

IT Security Manager

London View
Table-01.png

NCSC Assured Service provider for the Cyber Advisor Scheme:

Demonstrates that cyber security advice meets the approved standard of the National Cyber Security Centre.

BSI Associate Consultancy and LRQA Registered Consultancy (ISO/IEC 27001:2022):

Provides expertise and advice to implement the requirements for ISO certifications. We can help you put industry best practice into place within your business and support you throughout implementation as you work towards or maintain certification – sharing our knowledge of regulatory requirements and showing you how to stay compliant.

Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance certification body:

Provide services to assess and certify organisations under the NCSC’s Cyber Essentials scheme or become certified to the IASME Cyber Assurance standard.

Rapid Addition logo.png
CREDENTIALS

Our Information Security Officers hold a number of professional qualifications which include NCSC Certified Cyber Professional, Certified Information Systems Security Professional, Certified Information Security Manager, and ISO/IEC 27001 audit/implementor. As a company Fortis also holds a number of leading industry accreditations including:

"We have been delighted with the exceptional service provided through Fortis’ Information Security Officer as a Service (ISOaaS). The firm’s wealth of knowledge, security assessment capabilities, and customer-centric approach have been invaluable."

Mike Powell

CEO

London City
Table-01.png

Risk Management

Identify, manage and remediate potential information security risks; maintain currency with new guidance, standards and technologies; monitor and assess risk and vulnerabilities, developing strategies to mitigate them.

Cyber Incident Response

Design and implement a robust incident response capability; oversee incident response activities; manage investigations and resolution; collaborate with external parties in support of an industry-wide threat response.

Information Security Consultancy

Design, generate and maintain information security policies and accompanying standards, procedures and guidance; ensure information security compliance with relevant regulatory frameworks.

Information Security Governance

Expertise in cyber strategy. Provide advice to senior stakeholders on information security risks; develop and implement a comprehensive security program; stay updated on the latest security trends.

Security Awareness

Develop and implement a security awareness training programme for staff to promote a company-wide culture of cyber security awareness.

sundown-logo.png
SERVICE DELIVERY

Fortis liaises with each client to identify the most appropriate level of support to align with business objectives, budget, and timeline. The Information Security Officer then works for the business for a pre-agreed number of days every month, usually over the course of a 12-month period, acting as a central point of contact and guidance for all information security matters.

ISOaaS is completely flexible and tailored to suit the needs of each individual client, allowing access to key cyber and information security services, including, but not limited to:

"Sundown has worked with Fortis over several years. The team are always on hand and are so knowledgeable that they know what you need even before you need it."

Heath Groves

CEO

circleChart.png
bottom of page