About Romano Security Consulting

Romano Security Consulting are a small but perfectly formed UK-based boutique information security consultancy. We offer a range of tailored cyber and information security consultancy services.

Romano Security Consulting have a wealth of experience in managing and delivering end-to-end Information Security and Compliance projects in both the public and private sectors. We have expertise in security governance; information security auditing; cyber incident management and incident response; project management; producing, enhancing and reviewing technical and information security management system documentation; security awareness training; business continuity and disaster recovery planning and testing; risk assessment and risk management; control implementation; security accreditation; and third-party supplier compliance.

Our experience has been gained over the last 18 years working in highly regulated areas of the public and private sectors. We have excellent technical knowledge and hands-on experience in implementing cyber and information security solutions, frameworks and standards across a wide range of IT infrastructure, from small businesses all the way up to large corporations and UK government departments.

All our consultants hold CISM, CISA, NCSC CCP IA Auditor Senior Practitioner, ISO 27001 Lead Auditor and ISO 27001 ISMS Lead Implementer certifications.

Cyber and Information Security Standards and Frameworks

Romano Security Consulting have experience in delivering and implementing cyber security, information security and compliance projects across the following standards and frameworks:

ISO 27001, SOC 2, SOC 1, HMG IA Security Standards and SPF, NHS DSP (Data Security and Protection) Toolkit, PCI DSS, GDPR Data Protection and Data Privacy, SOX (Sarbanes Oxley), Cyber Essentials, COBIT, UK Gambling Act Compliance, NIST, NCSC 10 Steps to Cyber Security, CIS 20 Critical Controls, NCSC 14 Cloud Security Principles, PSN, ISO 27035, ISO 22301, ISO 13485, NIS Regulations.

Cyber and Information Security Consultancy Services

Romano Security Consulting currently offer the following consultancy services:

  • ISO 27001 Consultancy

  • Superfast ISO 27001 Consultancy

  • SOC 2 Consultancy

  • SOC 1 Consultancy

  • NIS Regulations Consultancy

  • DSP Toolkit Consultancy

  • Security Audit Solutions

  • Incident Management Consultancy

  • Business Continuity Consultancy

  • Risk Management Consultancy

  • Virtual CISO

  • Cloud Security

  • ISO 13485

  • TISAX

G Cloud 13 Approved Supplier

Romano Security Consulting are approved to provide eleven of our information security consultancy services under the UK Government Crown Commercial Service G Cloud 13 Digital Marketplace.

The Digital Marketplace is an online procurement service for public sector organisations to find resources and technology for digital projects, quickly and cheaply. 

Any public sector organisation, including agencies and arm’s length bodies, can procure services using the Digital Marketplace.

The G Cloud process eliminates the need to go through a full tender process as suppliers have to apply to and be approved by the Crown Commercial Service via the G Cloud application process. 

All G-Cloud services are available via the Digital Marketplace.

Sectors

Romano Security Consulting have delivered consultancy services in the following sectors:

  • UK Government

  • Wider Public Sector

  • Health, Education and Legal

  • Finance and Banking

  • Operators of Essential Services (Energy)

  • Technology and Communications

  • Media and Digital Marketing

  • Charity and Not for Profit

Our Founder

Our Founder, Paul Romano, likes to keep his finger on the pulse and is also our Director of Consultancy.

Paul is an ISACA CISM (Certified Information Security Manager) and ISACA CISA (Certified Information Systems Auditor), NCSC CCP IA Auditor Senior Practitioner, IRCA Certified ISO 27001 Lead Auditor, ISO 27001 ISMS Lead Implementer and currently holds SC Level Security Clearance. Paul has previously held positions as Head of Cyber Security Consultancy, Audit Lead, Senior Information Security Consultant and Information Security Manager.