top of page



We align our services to ensure information security meets your business objectives. These services are mapped so that they comply with international information security frameworks.




Fortis can help your company to develop, improve or create an effective information security strategy that is aligned to your business requirements. We are experienced with large and small companies and always align with frequently used international security standards. 


We can help you with:


Alignment to or implement information security frameworks (NIST CSF, ISO/IEC 27001, CIS Controls)

Authoring or updating security policies, standards & guidelines

Risk assessments (full environment
including cloud)

Auditing services in which we are highly experienced. From government to enterprise, our services an be tailored to your compliance needs

Security transformation programmes

Data Privacy and GDPR services, Data Privacy Impact Assessments (DPIA), Data Protection Officer as a Service

Full ISO/IEC 27001 implementation, from gap assessment to certification. We have assisted a number of companies in successfully gaining certification. Our consultants will build an information security management system that will fit with your business operations and deliver to the certification body requirements

Information Security Officer as a Service


We provide a number of security services which will help an organisation to deploy and manage technical security controls. Our team has experience across many industries and technology stacks including cloud. We hold relevant qualifications and are experienced with large enterprise SABSA and TOGAF frameworks.


We can help you with:


Security architecture, design and implementation of technical and administrative controls 

Configuration management - policy, process, hardening and templates

Technical control project based design & implementation

Staff augmentation - information security engineer to architect


After extensive research in this area, Fortis took the decision that we would be offering a better service to our clients if we partnered with a company which has a laser focus on addressing the human aspects of cyber security. This takes the form of learning and development to providing simulated phishing scenarios.


We can help you with:


An award-winning cloud-based Unified Cyber Awareness Platform that helps businesses to improve their cyber security behaviour, and reduce cyber risk

GCHQ approved content

A multi-faceted approach with award winning cloud based platform, to client branded posters, intranet blogs to after dinner talks from leaders in the Cyber Security industry

The Law Society endorsed

Mobile, BYOD and desktop delivery

Machine learning based reporting which offers an insightful risk assessment of human based risk


Fortis provides many services which can help organisations to identify where their risks lie. This can be from a technology standpoint to identifying the minute points where illicit access could be made. These are also compliant to audit frameworks which regulatory bodies require. Our consultants are experienced, certified (CREST, OSCP & Tigerscheme) and test in accordance with industry best practices such as CREST, CHECK and PCI-DSS. On completion you will receive a comprehensive report detailing risk and recommendations to reduce that risk.


We can help you with:


Penetration testing - all types but typically internal, external, web application, WiFI, Cloud & VoIP platforms

Simulated ethical hacking - Red teaming

Vulnerability scanning services

Product security evaluation

Technical surveillance counter-measures (TSCM) or more commonly known as bug sweeping 

bottom of page