Xcina Consulting Limited was established in 2009 to provide consultancy services with a focus on risk management and assurance, information security and regulatory compliance. Within its information security solutions Xcina focuses on information governance, data protection, cyber security, business continuity and crisis management and PCI DSS.
Our qualified and experienced consultants leverage their expert industry and sector knowledge to improve compliance with risk expectations (risk appetite statements, risk capacity and risk tolerances). Our assessment and implementation methodologies generate actionable and pragmatic improvement plans and enable effective adoption within the organisation.
We work with clients at various stages of their compliance journey, from those just starting out and looking to understand the requirements, implement appropriate frameworks, embed expected practices and processes and continuously improve their implementations.
Our approach is tailored to the individual circumstances of the client and takes advantage of existing practices including non-ISO frameworks to realise efficiencies in the client’s compliance journey. We will work with clients to implement appropriate remediation for any gaps in existing frameworks.
We aim to deliver pragmatic and tailored solutions that achieve the right outcomes for clients using our hugely experienced multi-disciplinary team of dedicated risk management professionals to partner with clients delivering our services in an honest and transparent manner.
Xcina consulting is wholly owned by Shearwater Group plc, an organisational resilience group comprising several related companies involved in penetration testing, software development (multi-factor authentication and data discovery), cyber security consulting and enterprise security solutions.
Our consultants hold various ISO certifications Including:
Xcina Consulting Limited has been providing ISO 9001, 22301, 27001 and 22361 Standards consulting services since it was established in 2009. Our ISO services typically include assisting clients with conducting:
We are not a certifying body and so do not undertake independent audits for the client’s seeking certification against the various standards. Our principal objective is to get our clients ready for the audit, identifying areas where they are likely to fall short and assisting them with completing any remediation activities. We refer clients to third parties once they are ready to undertake the audit.