← All services
Assurance 1-3 weeks

Pre-Procurement & Pre-Data Access Risk Assessment

A fast, independent risk opinion before you procure a system or grant a supplier access to data.

Assurance work: we form an independent opinion. We do not implement what we assure.

Delivered by: ISO/IEC 27001:2022 Lead Implementer (BSI); BCS Practitioner Certificate in Data Protection

Pre-Procurement & Pre-Data Access Risk Assessment

Scope

A focused, independent risk opinion provided before procurement, onboarding, or data sharing takes place. Decision support for senior responsible owners who need to know whether a supplier or partner poses material risk before access is granted.

What you get

  • Rapid review of supplier security and data governance posture
  • Assessment of governance maturity, control ownership, and risk management
  • Translation of technical and compliance signals into decision-relevant risk

Deliverables

A written risk opinion that sets out the material risks and the mitigating factors, suitable for audit trails and assurance committees

Price

£4,500-7,500

All prices exclude VAT.

Frameworks referenced

UK GDPR / DPIA NCSC supply chain security Procurement Act

Readiness and assurance, kept separate

Where we have built or prepared evidence for a client, we do not also sell that client an independent assurance opinion on the same work. Independence is only worth anything if it is real, so we protect it rather than blur it.

Not sure if this is the right engagement?

Book a free scoping call. We will point you to the right next step, whether that is this service, our paid diagnostic, or something else.