Practical compliance.

Information security, personal data protection, and ops for agile organisations.

What I Can Help With

Strong Foundations

Gap analysis & tailored action plan for:

  • Key security measures
  • GDPR compliance
  • Supplier / SaaS due diligence

Information Security Management System (ISMS)

  • Implementation from scratch to ISO 27001 certification
  • Ongoing running & improvement
  • Internal audits

GDPR Data Protection

  • Prioritised action plan and support to achieve it
  • Up-skilling your Data Protection Lead
  • ISO 27701 for Privacy Information Management System (PIMS)

Vanta & other platforms

  • Set-up & ongoing support with Vanta or other compliance management platforms

Operations Support

  • Supplier due diligence
  • Organisation, data and project management
  • Support with other ISO integrated management systems

Approach & Credentials

Approach

  • Understanding how you actually work and what your aims are
  • Creating your systems in the platforms your team is familiar with
  • Using my knowledge and experience to build an effective approach that suits your needs
  • Strong foundations: identifying gaps and risks, creating a tailored, prioritised action plan
  • Information Security: working in partnership with a technical person at your organisation
  • Training and handover to your team, with ongoing support as needed

Experience

  • First-hand & consulting experience of ISO audit, certification & ongoing operation
  • Experienced DPO and data protection programme manager across varied sectors
  • Head of Operations and leadership team member of tech-bio SaaS company, from start-up to SME
  • Life science industry and trade association roles
  • PhD scientist with scientific understanding and research experience

Qualifications

  • ISO 27001 ISMS Lead Implementer (CIS LI)
  • ISO 27001 ISMS Lead Auditor (CIS LA)
  • Maastricht European Centre on Privacy and Cybersecurity DPO Certification
  • IAPP Certified Information Privacy Professional/Europe (CIPP/E)

Testimonials

"Zoë played a key role in not just helping us attain our ISO27001 but also ensuring that we had a system in place that was manageable for our type and size of business"

"Took the time to deeply understand our business context"

"Zoë provides us with a high level of confidence not just at audit time but throughout the year"

Contact

If you’d like to discuss a project or consultancy support, I’d be happy to hear from you.

email zoe@zoetropeconsulting.uk