Practical solutions and guidance, harnessing the full potential of ISF research and tools.


Who we are

Effective and agile management of information risk has never been as critical as it is today. Most organisations struggle to achieve this due to lack of time, resource or in-house expertise. In response to this and Member demand, the ISF provides consultancy services, professional support activities that supplement the implementation of ISF research and tools, to all Member organisations.

Our award-winning consultancy services provide organisations globally with tailored, pragmatic support, translating technical insight into clear business focused guidance, helping organisations to achieve their information security goals.

By working with the ISF, you’ll secure your most critical information assets and gain a greater insight into your security weak-spots. We’ll ensure you have access to the right tools to be able to detect, respond and resolve ongoing and emerging threats to protect the future of your business.


Our Services

  • The ISF Standard – Information security governance, controls and policy frameworks.
  • Information Risk Assessment 2 (IRAM2) – Performing end-to-end business-focused information risk assessments whilst supporting engagement with stakeholders.
  • The ISF Benchmark – How your security arrangements measure against ‘the standard’ and other internationally recognised standards.
  • Supply Chain Management – Help identify and manage information risk exposure in the supply chains.
  • Preparing for the EU GDPR – Assistance in developing an ongoing GDPR compliance strategy.
  • CISO as a service – Temporary CISO replacement or assisting a current CISO to enhance the value of information security enterprise-wide.
  • Protecting the Crown Jewels – Identification of the organisations most critical assets and how to protect them from threats.
  • Threat Horizon – Navigate future threats and establish a cyber security strategy.


Benefits of our services

  • Independent and objective guidance, support and training.
  • Help your organisation to embed consistent and capable information risk best practice across the business.
  • Demonstrate transparency, get the budget you require, align with your business strategy and shine the spotlight on key risk areas within the business.
  • Provide real-world expertise that reflects proven practices from the worlds leading organisations.
  • Deliver high-impact services at speed.


Our Awards

We have been recognised by numerous institutions for our research in the cybersecurity space, and the high standard of support and services we provide to our Members.



For more information, please fill out the form below and a member of our team will be in touch shortly.


Consultancy Service of interest*:

Tick here if you would like to receive informative and infrequent updates from the ISF.
Opt in

Contact us to find out more