Secure Matters provide a range of audits to help organisations improve data protection and information security.  All of our audits include a site visit to understand your motivation for having an audit and to observe current practices.  Every audit includes a report providing practical help and advice on how to improve data protection and information security at your organisation.

Cyber Security Essentials

This audit focuses on getting the essentials of Cyber Security right.  It’ll look at the following:

  • Access control to your networks and devices
  • Password Management
  • Account Management
  • Anti Virus/Malware
  • Software Management

One of the benefits of this audit is that if you’re interested in attained the Cyber Essentials or Cyber Essentials Plus certificate this audit will help you get ready for it.  Once the audit is finished we can also help you to complete and submit the self assessments questionnaires for Cyber Essentials. 

Data Protection Essentials

This audit focuses on getting the essentials right.  It makes sure you understand what you need to be doing to be compliant with UK data protection laws.  These are some of the things it’ll look at:

  • Policies and Procedures
  • Training and Education
  • Data Processing
  • Data Sharing
  • Consent Models

Cyber Security

This audit includes the Cyber Security Essentials audit and extends it to include:

  • How and where you store data
  • An analysis of the applications being used to store and transmit data
  • How actively you monitor systems

Data Protection

This audit examines in detail how you process data and checks whether you are complying with UK data protection laws.

GDPR Gap Analysis

This audit will determine whether you comply with the requirements of the GDPR.


ISO27001 is the gold standard of information security.  More and more organisations are being asked to provide evidence of their information security processes and the GDPR is set to increase this demand on organisations.  ISO27001 is an excellent way to demonstrate your organisation’s commitment to information security.  It encompasses both cyber security and data protection to ensure that you’re controlling and handling data in the best possible way.  We’ll audit you against the ISO27001 standard so you’re prepared for an ISO27001 certification.