Security Risk Management Blog

SRM on Twitter

> Follow SRM

Tom Fairfax on Twitter

> Follow Tom

Paul Brennecker on Twitter

> Follow Paul

Welcome to Security Risk Management

We provide consultancy in compliance and remediation, information security, audit and forensic investigation services through our consultancy service.

We work in partnership with you to make your organisation secure, compliant and resilient.

When you want to meet ISO27001, PCI DSS, N3 or other Security Standards....

Ranging from third sector charitable organisations and corporate multinationals to government departments, we have a depth of experience in achieving compliance through our information security expertise.

How our approach will benefit you

Understanding your aims, objectives and deliverables is the key to our approach to service delivery. By identifying and clarifying your needs we can deliver results that make a positive difference to your organisation's performance, outputs and results.

Find out more >

Breaking News...

  • Security Risk Management & Worldpay - A Seminar on Information Security Risk in the Retail Sector, London, 23 May 2013. > Read more
  • SRM present on Cyber Security as a tool for Business Transformation at PCI London, January 2013. > Read more
  • The UK's data protection watchdog has reminded companies of their responsibilities to safeguard confidential details in the cloud. > Read more
  • SRM's Tom Fairfax to speak on Cyber Threat to the North East Legal community > Read more
  • SRM's Tom Fairfax to address the SMI Oil & Gas Cyber Security Conference > Read more
  • SRM expands its team with addition of new Chief Operations Officer Appointment of Oscar O’Connor will drive SRM’s Business Development Model and develop the Operational Delivery Model. > Read more
  • SRM achieves PCI PFI Status - one of the first globally to be accredited with Payment Card Industry Security Standards Council’s PCI Forensic Investigator Programme.
  • Download our White Paper today > find out how to maintain Information Security and PCI Compliance through our mapping diagram and explanation.
  • Pre-Register for the next PCI HOT TOPICS seminar > Make sure you don't miss out in the world of PCI DSS!
  • Follow our PCI Devil on TwitterPCI DSS: How to tell if your EPOS terminal is PA DSS approved... Find out how by following our PCI Devil on Twitter and get the latest take on developments in the PCI DSS field.

What does SRM do?

We deliver an extensive range of security risk management services:

  • PCI QSA - Consultancy, remediation, audit & intepretation
  • PCI ASV - Facilitate the best deal with the best company, consultancy
  • PFI - Respond, protect and support
  • PA QSA - Consultancy, remediation, audit & intepretation
  • Forensics - Investigation, expert witness services, data recovery, PFI
  • Penetration Testing - External, internal
  • ISMS - ISO 27001 - Consultancy, audit support, intepretation
  • CLAS - RMADS, Infosec support
  • Incident Response - Consultancy, response, forensic recovery, investigation
  • Investigations - Cyber, fraud, diligence
  • Project Support for InfoSec - Public sector, private sector

Find out more >


Information assurance and security

We deliver advisory services on information assurance and security, compliance, policy, implementation, and can assist your existing information security team with your project. Find out more >


Wen can provide you with several outsourcing options including secure IT service delivery and support.

We can provide you with several outsourcing options including secure IT service delivery and support, personnel management services, and information security management services. Find out more >


We can offer you specialised technology solutions such as RSA SecurID remote access and Check Point firewalls

Our experience in providing technology-related advisory services means we can offer you specialised technology solutions such as RSA SecurID remote access and Check Point firewalls. Find out more >

Breaking news

SRM's Tom Fairfax to speak on Cyber Threat Find out more >

The next event

Find out what the NEXT EVENT is >

In the press

Read Paul Brennecker's exclusive interview with Computing Magazine >