Frequently asked questions (FAQs)
This FAQ outlines how we work with clients: transparent, outcome-based pricing and with security and data protection integrated from planning to handover. Our cross-sector experience support rapid onboarding and practical risk reduction. Expect clear milestones, visible progress reporting, and early escalation to keep programmes on track.
A: We begin with a short discovery to clarify goals, timelines and constraints, then agree milestones and responsibilities. From there we map out milestones and responsibilities so everyone knows what to expect. You get regular progress updates with clear next steps and early warning when input is needed, ensuring delivery stays on time – even against tight regulatory deadlines.
A: We have delivered projects across many fields, from skincare to banking, from aviation to healthcare. Each sector comes with its own compliance and technical challenges, which gives us a breadth of ability to adapt quickly to your requirements.
A: Yes. Many of our projects involve working side by side with internal teams such as IT, but we have considerable experience of working with critical external suppliers such as an outsourced Managed Service Provider. We integrate with your in-house PMO and legal department, making sure roles and responsibilities are clarified, so your team can stay focused on day-to-day priorities while we manage delivery.
A: Yes. Unlike some other consultancies, we don’t “land and expand”. We integrate with your in-house IT provider, programme managers, legal counsel and anyone else we need to work with. We work to any internal standards you have and as soon as we’ve delivered our work, we’ll give you a handover pack and any training needed.
A: Yes. Our background includes DORA, GDPR, NIST and other regulatory frameworks. We can identify risks and build compliance into the project plan so security is not an afterthought.
A: We tie every engagement to measurable exit criteria e.g., CE/CE+ pass, DPIAs closed, go-live achieved. We publish a weekly delivery dashboard, and run stage-gates so you can pause or pivot if progress stalls. We avoid vanity paperwork: every deliverable maps to a risk reduced, a control improved, or a milestone hit.
A: Yes – we have over 20 years’ experience in IT, including Project Management, Data Protection (before anyone had even heard of GDPR!) and Cybersecurity, including knowledge of project governance (Agile/PRINCE2/MSP), security frameworks (Cyber Essentials, NIST CSF/800-53, ISO 27001 practices), and UK GDPR/DPA 2018 operations (ROPA and DPIAs).
A: We price for outcomes, not endless hours. We offer several service models such as Fixed-fee deliverables, Retainers, T&M (with a not-to-exceed cap) or Day rate for more open-ended requirements. We have a model to suit you, and champion transparent costing.
