Pre-Procurement & Pre-Data Access Risk Assessment
A fast, independent risk opinion before you procure a system or grant a supplier access to data.
Assurance work: we form an independent opinion. We do not implement what we assure.
Delivered by: ISO/IEC 27001:2022 Lead Implementer (BSI); BCS Practitioner Certificate in Data Protection
Scope
A focused, independent risk opinion provided before procurement, onboarding, or data sharing takes place. Decision support for senior responsible owners who need to know whether a supplier or partner poses material risk before access is granted.
What you get
- Rapid review of supplier security and data governance posture
- Assessment of governance maturity, control ownership, and risk management
- Translation of technical and compliance signals into decision-relevant risk
Deliverables
A written risk opinion that sets out the material risks and the mitigating factors, suitable for audit trails and assurance committees
Price
£4,500-7,500
All prices exclude VAT.
Frameworks referenced
Readiness and assurance, kept separate
Where we have built or prepared evidence for a client, we do not also sell that client an independent assurance opinion on the same work. Independence is only worth anything if it is real, so we protect it rather than blur it.
Not sure if this is the right engagement?
Book a free scoping call. We will point you to the right next step, whether that is this service, our paid diagnostic, or something else.
