Audit & Certification

Our audit and certification services are designed to help you achieve regulatory compliance with the minimum of fuss and cost. Our expert team continually audit clients in PCI DSS, ISO 27001 and Cyber Essentials, among others, to ensure the highest standards are met and maintained.

The Implementation Challenges

You will almost certainly be working in a business that is subject to more than one regulatory framework. Many of our customers must meet PCI, ISO, GDPR and FCA standards as a matter of course. There are more, all with complex requirements and a need to maintain and update systems and processes to retain certification.

Compiling evidence of conformance is time-consuming and complicated. Costs mount to meet regulatory needs and valuable personnel are diverted into audit processes.

We provide expert audit and certification services to help you prepare for and complete regulatory audits, working towards certification in various standards including:

  • ISO 27001
  • Cyber Essentials
  • PAS 555
  • GDPR Assessment

Our Solution

Not only do we manage the audit process, we will also help you find solutions to regulatory requirements. Wherever you have conflicts, exposure across your whole estate or processes that have too many touch-points increasing your risk, we will help you find the right solution. As always we will find the most suitable, commercial way to manage your issues rather than implementing changes that can be prohibitively expensive and highly disruptive.

PCI Compliance Assessment

Blackfoot has been helping customers meet PCI DSS standards for many years. Our PCI Compliance Assessment is a comprehensive review covering a discovery phase, an on-site workshop with your team, and a full audit. If you pass, we will provide the necessary documentation to evidence that PCI standards are being met. If the worst happens and you fail, we will provide documentation that covers all remedial requirements to achieve a pass. If you want to achieve PCI DSS certification with the minimum of fuss in as little time as possible, talk to us about our PCI Compliance Assessment.

Scope Based Gap Analysis

You may want to know whether you meet regulatory requirements to achieve certification without going through an official audit. Our scope-based gap analysis is the answer. Our analysis completes a series of steps including a discovery workshop, detailed audit, and a controls spreadsheet highlighting all areas of compliance and any required remedial action to achieve certification. Once you complete the necessary actions to be fully compliant, you can progress towards your certification quickly and efficiently.

Cyber Essentials Audit

Cyber Essentials is a government-backed scheme designed to help businesses become more cyber-secure. If you are a Cyber Essentials certified business, or would like to achieve the standard, the Blackfoot CE Audit provides an independent review of your levels of compliance and helps you strengthen your protection against a variety of the most common cyber-attacks. We will help you complete the CE questionnaire for submission to the certification body. We will also identify any areas requiring remedial action and help you implement them where required.

ISO 27001 Support

From gap analysis and audit support through to consultancy to help you ensure compliance, Blackfoot can provide all the necessary services to help you achieve and maintain the ISO 27001 standard. By achieving the standard, you will be able to clearly demonstrate to your customers your ability to manage information safely and securely. ISO 27001 has become a key requirement in many supply relationships, so let Blackfoot help you get there.

