Data Protection and
Cyber Security Services
OSP Group are the only Scottish company that has been externally assured by APMG International under the NCSC Assured Training Scheme for Data Protection.
We are OSP, your Managed Service Training Provider GDPR Consultants Data Protection Assessors Outsourced DPO ISO27001 Lead Auditor Cyber Risk & Resilience Consultancy
Here's what we do....
Click on the following services to learn more…
Data Protection Training as a Managed Service
We offer NCSC assured training on GDPR at awareness and practitioner level.
Let us manage your data protection education programme offering bespoke online, workplace or virtual sessions and workshops designed specifically for your organisation. We will ensure your compliance needs are met across the various levels of staff within your organisation.
Get in touch for more details.
Cyber/Information Security Training as a Managed Service
We offer NCSC assured training on Cyber Security at awareness level.
Let us manage your cyber security and information security education programme offering bespoke online, workplace or virtual sessions and workshops designed specifically for your organisation. We will ensure your compliance needs are met across the various levels of staff within your organisation.
Get in touch for more details.
Data Protection & GDPR Consultancy
Using an external advisor can make the challenge of preparing for and complying with Data Protection and GDPR more efficient and effective. Our consultants and advisors can bring a different perspective and bring new insights based upon experience from multiple sectors. OSP work with our clients to develop a service uniquely appropriate to their needs whether an audit or an interactive workshop, which combines audit techniques with awareness training for small groups on the Data Protection implications of their work.
Our findings are reported quickly to clients in clear, accessible, language. We have a wealth of Data Protection tools and standards to quickly remedy any shortfall in clients materials ensuring they have the best possible defences when dealing with Data Protection compliance.
GDPR Audit
Data Protection Impact Assessment
Most organisations will conduct a Data Protection Impact Assessment(s) (DPIAs). This can be a daunting task, OSP can provide a methodology, training and consultancy to help you carry out one or more DPIAs. Our method is to take a contextual risk based approach using the Data Protection impact assessment (DPIA) process as the starting point to develop a comprehensive and tailored solution that will work for you.
The development of measures to address the risks and to demonstrate compliance, or Risk Treatment Plan will be focused on providing a capability, that allows you to Identify, Protect, Detect, Respond & Recover Personal data. All of these measures are in accordance with best practice for Data Protection & security by design and by default, within the guidance from the ICO and National Cyber Security Centre (NCSC).
Outsourced Data Protection Officer
OSP recognise that the Data Protection Officer (DPO) plays an important role in advising the senior leadership team on current policy and risk management, as well as determining future policy. OSP can provide the complete outsourced DPO which will be tailored to your needs and budget.
OSP understand that complying with the requirements of the UK Data Protection Act (DPA) and GDPR can be demanding. We are here to take the pressure off and allow you to focus on your core business. The DPO service provided by OSP is designed with you and to meet your needs. Whether you have a statutory requirement to appoint a DPO or you just want some advice and guidance, we can help to ensure that you meet the requirements of the DPA and GDPR in a cost effective way.
Our Outsourced DPO Services Provides:
- Assistance to monitor internal compliance, inform and advise on your Data Protection obligations.
- Advice regarding Data Protection Impact Assessments (DPIAs) and act as a contact point for data subjects and the supervisory authority.
- An expert in Data Protection, adequately resourced, to report to the highest management level.
- Help to demonstrate compliance and accountability.
ISO 27001
- Gap Analysis
- Internal audit
- Micro ISMS implementation
- ISMS implementation including initial high level ISMS awareness and support at Stages 1 and 2
Information Security Management System (ISMS)
Information security management preserves the ‘confidentiality, integrity and availability’ of information and associated information processing facilities, whether that’s systems, services, infrastructure or the physical locations. It ensures your business continuity by minimising business damage by preventing and reducing the impact of security incidents.
The ISO 27001 is the internationally recognised standard that can be used by internal and external parties to assess your organisations ability to meet your organisations information security requirements.
Its important that the Information Security Management System (ISMS) is part of and integrated with your organisation’s processes and overall management structure. Information security should be considered in the design of processes, information systems and controls you put in place. When you are looking to implement an ISMS it should be scaled in accordance with the needs of your organisation.
Our team of experienced Information security consultants will provide you with the advice and support you need to ensure that people, process and technology are aligned to information security best practice.
Cyber Risk & Resilience Consultancy
Using an external advisor can make the challenge of strategically addressing cyber (including digital and technology) and wider business resilience (reputational, operational, supply chain and financial impacts) more efficient and effective.
Our consultants and advisors can bring a different perspective and bring new insights based upon experience from multiple sectors. OSP work with our clients to develop a service uniquely appropriate to their needs whether awareness and education, interactive scenario workshops, or independent analysis and challenge for governance and risk management.”
Trust and Effective Governance in the Digital Age
We live in an age of uncertainty and increasing disruption. Company boards and executive management need to navigate this new “Digital Age” and demonstrate that they are fulfilling their Director’s Duties and Accountabilities for good governance:
- Directors have a duty to promote the success of the company.
- Directors must exercise independent judgement.
- Directors must exercise reasonable care, skill and diligence. The Companies Act 2006, Part 10, Chapter 2, Clauses 172-174
Through awareness and education, with supporting advisory and consultancy services delivered by OSP Cyber academy and our partners we can help you achieve trust and effective governance.
Download our Consultancy Brochure
OSP Cyber Academy uses the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. Please review our Privacy Policy.