About Us

Information security consultancy

Aston Information Security are information and cyber security consultants specialising in information security management systems (ISMS) including all legal, physical and technical controls involved in a client’s business and information protection. We also provide information security audits and supply chain risk management services.

Our approach allows us to provide flexible, proven and effective cyber security consultancy to private and public sector organisations to assess, respond and manage information security risk. We work with our clients to ascertain their level of risk exposure and implement appropriate ISMS solutions.

We also audit and prepare organisations for ISO 27001 certification, the information security management standard and can advise large and small businesses like. If you are a small business you can read our Guide to ISO 27001 here.

Our clients include companies listed on the stock markets in the UK, US and Japan, as well as banks, IT services vendors, Government security organisations, NHS trusts and their third party suppliers, Social Media, Data Centres, App and Software developers.

Established in 2001, Aston Information Security is committed to providing a business-oriented, practical and efficient cyber security and information assurance service.

Contact us to find out how we can help.

Our Clients

Our years of experience assuring the security of information systems for our clients means we are able to combine sector-leading technical skills with our experience to provide the best information assurance and risk management services for the organisations we work with.

We provide thorough and comprehensive services and solutions by combining necessary and essential core technical competencies with years of experience of assuring the security of information systems for a range of clients from boutique companies to multi-national institutions, to public sector and the security services.

Some of our information security consultancy projects have included:

• The world’s largest information management solution company. We took its UK and European sites through a successful ISO 27001 certification process, plus advised and managed its List X approval process and International Traffic in Arms (ITAR) compliance as well as SAS 70 compliance.
• Police databases, where we advised on the compliance of some of the most sensitive databases in the UK.
• Wrote the Information Security Management System (ISMS) for the UK’s largest outsourcing company in order to attain their Public Services Network (PSN) certificate.
• Took a European software house through successful ISO 27001 accreditation.
• For Europe’s leading IT services company, we implemented the ISO 27001 infrastructure that was rolled out in 22 countries to become the world’s largest ISO 27001 certificate.
• A major American data-centre organisation. We were responsible for maintaining its ISO 27001 certificate, one of the first companies in the UK to get this new standard, and extending the scope to include an additional data-centre and List X clients. In addition, ensuring the alignment of the UK Government’s Accreditation Document Set (ADS) to the standard.
• Conducted Risk Assessment and ISO 27001 Security Audit on the world’s largest IT contract.
• Consulted to over 50 NHS trusts and Commercial Third Parties (CTP) on Information Security and the NHS Information Governance toolkit.
• Merchant Banks, delivered training in security and compliance.
• Local Governments, trained staff on security and legislation.