Your information security and data protection experts

A pragmatic and collaborative approach to information security and data protection management

ISO27001            ISO27701            ISO9001


Cis Taylor

Rebound Group Holdings

“Cathy was recommended to us when we needed advice relating to GDPR compliance. She is very approachable, professional, knowledgeable and diligent. She quickly became a trusted advisor for the Group’s long-term information governance and data protection and we are very happy to have found her.”


Tony Marshall

Privacy, Data Protection & Compliance Manager, Vvast

“Vvast became ISO 27001 certified. This signals a huge milestone for our business but we certainly aren’t using it as a check box exercise, we want to get risk management, compliance and security right – forever. In less than 10 months I have created an entire data protection and security framework, taken vvast to Cyber Essentials + certification and now ISO 27001 certification. Huge thanks goes to Cathy Brode for holding my hand through the 27001 process, I could not have achieved it without her”


Sue O'Connell

HR & Compliance Manager, Fleetcheck

“Cathy was instrumental in helping us to achieve certification to ISO 27001 on our first attempt. She was professional and extremely knowledgeable, she also walked us through updating our data protection procedures to come in line with the GDPR. I wouldn’t hesitate to recommend her services.”

At Conformitas Consulting we are experts at implementing information security and quality management systems to help our clients achieve ISO 27001 and/or ISO 9001 certification and enjoy the business benefits these bring.

We work with our clients to ensure they meet the requirements of data protection legislation, including GDPR, and have robust data protection protocols.

Call us today to talk about information governance, quality management, data protection and all GDPR entails.

Data Protection

Do you have a privacy notice on your website, but aren’t sure it is fit for purpose?

Are you unclear about your obligations around Data Protection Legislation including the GDPR?

Can you demonstrate you are meeting the requirements of current data protection regulations?

There is more to data protection than having a privacy notice on your website. If you are dealing with personal data – your clients’, your suppliers’ or your employees’ – then you must comply with data protection rules. This includes evidence on how you are doing this.

We work with our clients to ensure they have up-to-date and relevant privacy notices, data protection policies and records to meet the requirements of data protection legislation. We offer support if they receive subject access requests and any other data protection and privacy enquiries.

Information Security

Information Security is important across all parts of your business.

Selecting the systems you use, security aspects of your network, for home workers, data protection aspects, and, if you develop software or systems, how you ensure security as well as privacy by design, are just some of the areas you need to ensure you have considered and have policies and procedures in place.

Whether you are looking to get certification to the international standard ISO 27001 or not, having information security processes and procedures in place will help your other business processes.

Please get in touch to talk to us about information governance and security.

Achieving ISO Certification

Is your business seeking to achieve ISO 27001, ISO 27701 and/or ISO 9001?

Do you need ISO certification in order to tender for contracts or to inspire confidence in the products or services you provide?

Whether yours is a tech company, you are in software, or perhaps you are a trainer or HR provider, having robust and certified systems in place is more than a box-ticking exercise – it is a platform for growth and development.

We support businesses seeking to achieve standards for ISO 27001 Information Security Management Systems (ISMS), ISO 27701 Personal Information Management Systems (PIMS) and/or ISO 9001 Quality Management working with them to ensure they meet, and even exceed, the standards.

Whether you need certification to tender for contracts, or simply want to reap the benefits of working at ISO standard levels without undergoing the final certification process, we can help.

We will work with you to understand your goals and motivation for improving your quality and information governance, and then take a risk-based approach to helping you meet your targets.

About us

At Conformitas Consulting, we work holistically with our clients.

We look at organisations as a whole, identifying potential risks and weaknesses as well as opportunities, and then help put systems and processes in place to ensure they have robust quality management, and that their data protection and information governance is exemplary.

We take a pragmatic approach when supporting our clients with their data protection, ensuring they comply with current legislation, and meet the requirements of GDPR.

We are experts in information security and quality management, helping our clients achieve standards needed for ISO 27001 and/or ISO 9001 certification.

The way we operate – combining our expertise and knowledge with common sense and pragmatism – means the systems we help deploy work with the business and not against the business, bringing positive benefits to their growth and development.

We inspire confidence in our clients, and are proud to become their trusted advisors for everything relating to information governance, quality management and data protection.

Based in the UK, we support businesses globally, including in Canada and Europe and can help start-ups and SMEs across any sector, such as software, IT, HR, and training.

To talk to us about information governance, quality management, or data protection/GDPR, please get in touch for a no obligation conversation.

Our background 

Conformitas Consulting was founded in 2011 by Cathy Brode, whose background is in computer science, software, quality management and information governance.

Cathy was among the few women in the Eighties to take an degree in Computer Systems, which combined Electrical Engineering with Computer Science. Her early career was in AI, moving on to head up part of an EU wide network security research project – the network being a precursor to broadband.

Cathy then swapped research for commerce, and began her career in quality management, compliance and information governance, working closely in and with the tech and software world. She’s worked with businesses, for businesses, and run and sold her own businesses.

With more than three decades’ experience working with organisations across a range of sectors, including IT, software and training, Cathy is perfectly placed to advise and support our clients with information security and quality management systems, helping them to achieve ISO 27001 and/or ISO 9001 certification, and ensuring they have robust data control.

To talk to Cathy about information governance, quality management, and data protection including GDPR, please get in touch for a no obligation conversation.

Get in touch

To talk to us about information governance and quality management – working towards ISO27001, 27701 and/or ISO9001 – or to find out more about data protection/GDPR please get in touch with Conformitas Consulting.

5 + 5 =


Steve Fox

Business Manager, The Pension Solution Group

“Cathy took away the fear of what seemed like a huge mountain and helped break it down into manageable hills. It is extremely reassuring to be able to rely on her guidance and expertise.”


Fearless Futures

Fearless Futures

“Cathy provided excellent guidance and advice in securing our ISO27001 certification. She listened to our needs, and responded and flexed accordingly, and left us in a really robust place as an organisation.”




“During the course of 2018 we outlined plans to achieve ISO27001 and ISO9001 certification along with GDPR compliance ahead of our rebranding exercise. We contacted Cathy to get the process started and the experience of working with Cathy exceeded expectations. We received our certificates ahead of schedule thanks to the help and support we received from her.”


Tom Davenport

Digital Marketing Specialist Ltd.

“Cathy is my most trusted, dependable expert on data compliance. My team works in digital marketing and have had to get to grips with extensive requirements around GDPR, from precise privacy policies to interpreting the nuances of GDPR regulation. Cathy was essential in successfully navigating these. I have referred her to my most important clients including one of the major labels, where her recommendations impressed their internal legal team. Her contribution makes my team and resources all the more impressive. Working with Cathy is a perk of my job and anyone who cares about really thorough, comprehensive compliance will have a much easier life having Cathy’s support.”


Brian Gerhardt

Managing Director, OWL Building

When I heard that my small company was going to be forced into upgrading its quality systems towards 9001 standards, I had a cold sensation in the pit of stomach, having been involved in this area previously. Then I was introduced to Cathy, and she made the road ahead pleasant even sometimes enjoyable with her bright outlook and expertise.



Avebury Computing

“Understanding the requirements of GDPR was a minefield. Cathy took the time to understand our business requirements, pulled a plan together and helped us to implement the plan and ensure we met the new data protection legislation requirements. Cathy continues to support our business needs. This includes registering for and completing the NHS DSP Tool Kit, which widens our client base and so will increase revenue. She really is knowledgeable and easy to work with.”

Conformitas Consulting Ltd

Tel: 07768 041174

Registered in England and Wales: 7736145

VAT Registration Number: 270010364

ICO Registration Number: ZA288152

Made with 🖤 by Danny&co.