Services

Focused advisory. Practical outcomes.

We work exclusively with fintechs, financial services organisations, SaaS platforms, and regulated businesses where security, privacy, and technology risk are mission-critical.

๐Ÿ›ก

ISO 27001 Implementation

Information Security Management System

$8,000 โ€“ $20,000
3โ€“6 months

We design and implement ISO/IEC 27001-aligned Information Security Management Systems โ€” from scoped risk assessment through to Statement of Applicability, control implementation, and certification audit readiness. Our implementations are built to operate, not just to pass.

Who this is for

Fintechs, SaaS companies, cloud-native platforms, and financial services organisations seeking ISO 27001 certification or needing to meet contractual and regulatory requirements.

What is included
  • Baseline gap assessment against ISO 27001:2022 Annex A
  • Asset-based risk assessment and risk treatment plan
  • Full suite of information security policies and procedures
  • Hands-on technical and organisational control implementation
  • Pre-certification internal audit and corrective action support
  • Stage 1 and Stage 2 audit preparation and mock walk-through
Discuss this service
๐Ÿ”’

NDPA Compliance Programme

Nigeria Data Protection Act 2023

$4,000 โ€“ $10,000
8-week structured programme

We guide Nigerian organisations and multinationals operating in Nigeria through structured NDPA compliance โ€” from initial assessment through to ongoing programme management and NDPC readiness. We also offer a free self-assessment toolkit to get you started.

Who this is for

Fintechs, banks, insurers, health organisations, e-commerce platforms, and any entity processing personal data of Nigerian residents.

Take free NDPA self-assessment โ†—
What is included
  • Structured NDPA gap assessment across all obligations
  • Comprehensive Record of Processing Activities (ROPA)
  • Privacy policy, internal data protection policy, consent frameworks
  • Data Processing Agreements with third-party vendors
  • Acting or advisory Data Protection Officer function
  • NDPC audit filing preparation and regulatory engagement
Discuss this service
๐Ÿ“‹

IT Audit & Technology Risk Assurance

Independent Technology Risk Assessment

$5,000 โ€“ $15,000
4โ€“8 weeks

We conduct independent, evidence-based IT audits covering access management, change control, cloud governance, logging and monitoring, business continuity, and third-party risk. Our reviews support management assurance, regulatory readiness, and board reporting.

Who this is for

Financial services organisations, fintechs requiring regulatory audit support (CBN, SEC), and SaaS companies undergoing customer due diligence.

What is included
  • Access management and identity governance review
  • Change control and release management assessment
  • Cloud infrastructure and configuration review
  • Logging, monitoring, and incident detection review
  • Business continuity and disaster recovery assessment
  • Third-party and vendor risk review
Discuss this service
๐Ÿ‘ค

Virtual CISO (vCISO) Retainer

Fractional Security Leadership

$2,500 โ€“ $6,000/month
Minimum 3-month engagement

Retain an experienced CISSP-certified security leader on a fractional basis โ€” providing ongoing strategic oversight, programme governance, board reporting, vendor risk management, and regulatory engagement. Ideal for organisations that need senior security leadership without the cost of a full-time hire.

Who this is for

Canadian and Nigerian fintechs, SaaS platforms, and growth-stage companies with 20โ€“200 staff who need governance without a full-time CISO budget.

What is included
  • Monthly security governance and programme oversight
  • Board and executive security reporting
  • Vendor and third-party risk management
  • Regulatory engagement and compliance management
  • Security incident response coordination
  • Security awareness and training programme oversight
Discuss this service
โ˜

Cloud Security Review

AWS & Azure Configuration Assessment

$1,200 โ€“ $3,000
2โ€“3 weeks. Fully remote.

A structured review of your cloud environment against CIS Benchmarks, the AWS/Azure Security Benchmark, and applicable regulatory requirements. Covers IAM configuration, network security, logging, encryption, and data residency. Delivered as a written report with a prioritised remediation roadmap.

Who this is for

Organisations running workloads on AWS or Azure who need an independent security assessment or need to demonstrate cloud security maturity to customers or regulators.

What is included
  • IAM configuration and privilege access review
  • Network security and perimeter controls
  • Encryption at rest and in transit verification
  • Logging, monitoring, and alerting configuration
  • Data residency and cross-border transfer review
  • Prioritised remediation roadmap with effort estimates
Discuss this service
โœ…

SOC 2 Readiness Advisory

Trust Services Criteria โ€” Type I & II

$10,000 โ€“ $25,000
3โ€“6 months

We prepare SaaS companies and technology providers for SOC 2 Type I and Type II examinations โ€” conducting a pre-assessment gap analysis, mapping controls to the Trust Services Criteria, supporting control implementation, and coordinating with your chosen CPA firm for the formal audit.

Who this is for

Canadian and US SaaS companies needing SOC 2 to win enterprise customers, satisfy investor requirements, or meet contractual obligations.

What is included
  • Pre-assessment gap analysis against Trust Services Criteria
  • Control mapping and evidence documentation guidance
  • Policy and procedure development for SOC 2 requirements
  • Technical control implementation support
  • Auditor selection guidance and coordination
  • Readiness review before formal examination
Discuss this service

Not sure which service you need?

Book a free 30-minute discovery call. We'll assess your situation and recommend the most practical path forward โ€” no commitment required.

Book a Discovery Call