Arculus Ltd

Arculus is an independent provider of cyber security and information assurance.

Arculus engages with our customers as a trusted partner, to ensure success in meeting all customer requirements. Our consultants are appropriately skilled and qualified in their specialist field and subject to strict vetting and background checks.

Arculus is certified to Cyber Essentials Plus, ISO/IEC 27001 and ISO/IEC 9001, providing customers with robust assurance that we protect their records and our systems in accordance with security best practice. We are also a CREST-certified penetration testing provider.

Services Arculus offers include:

Risk Management

Our consultants are qualified and experienced to support your organisation in understanding and managing security risks through systematic processes that bridge business and technical domains.    

Penetration Testing

Arculus is a CREST Approved organisation and our testers are among the best in the business. We test client systems and web applications to identify vulnerabilities and provide the right advice on remedial action to avoid compromise of systems and data.

Security Architecture

Arculus consultants are experienced in the use of security architecture approaches including SABSA and TOGAF. Our architects are qualified to provide expert guidance under the NCSC Certified Professional Scheme (CCP).

Arculus has supported private sector end user organisations, systems integrators, central and local government deliver secure solutions by ensuring appropriate technical security controls are effectively implemented.  

Compliance

We are experts at supporting organisations in achieving compliance and certification with key standards including ISO/IEC27001, Cyber Essentials Plus, SOC2 and the Payment Card Industry Data Security Standard (PCI DSS). We build information security management systems that are compliant with ISO/IEC 27001 and can be certified by the chosen certification body. We use principles-based guidance such as the NCSC Cloud Security Principles to assess systems and services. Our reports are used to demonstrate how the organisation meets those principles in their own context.

Certifications and Qualifications held by our experienced Consultants include:

• ISACA Certified Information Security Manager (CISM)
• ISACA Certified Information Systems Auditor (CISA)
• IBITGQ Certified EU General Data Protection Regulation Practitioner
• IBITGQ Certified EU General Data Protection Regulation Foundation
• ISO/IEC 27001:2013 Lead Auditor
• Cloud Security Alliance Certified Cloud Security Knowledge (CCSK)
• IASME and Cyber Essentials Plus Auditor / Assessor
• Prince2 Foundation and Practitioner Certified
• National Cyber Security Centre CCSC Head Consultant and Service Owner – IA Architecture
• National Cyber Security Centre CCSC Head Consultant and Service Owner - Risk Assessment
• Certified Information Systems Security Professional (CISSP)
• CCP Security and Information Risk Advisor (Lead Practitioner Level)
• CCP IA Architect (Senior Practitioner Level)
• CCP Accreditor (Senior Practitioner Level)
• PCI DSS Training to QSA level by PCI Security Standards Council
• NCSC CCP Senior Security and Information Risk Advisor
• NCSC CCP IA Architect
• NCSC CCP IA Auditor
• Chartered IT Professional (British Computer Society)
• Full Member of the Chartered Institute of Information Security (CIISec)
• MSc (Information Technology)
• PCI QSA – Payment Card Industry Qualified Security Assessor

Our Consultants have over 60 years combined experience in Information Security and Governance.

Past roles untaken include:

• Trusted Advisor on Information Security & Assurance
• Auditor and Review for PCI DSS, ISO/IEC 27001
• HMG Accreditations
• Risk Assessment and Risk Management
• Information and Corporate Governance
• Policies and Standards
• Legal & Regulatory Compliance
• Data Protection & Privacy Laws
• Information Security Strategy
• Information Assurance Methodologies
• Innovation & Business Improvement
• Security Architecture
• Third Party Assurance and Management
• Project and Programme Management