At Conformitas Consulting we are experts at implementing information security and quality management systems to help our clients achieve ISO 27001, 27701 and/or ISO 9001 certification and enjoy the business benefits these bring.
We work with our clients to ensure they meet the requirements of data protection legislation, including GDPR, and have robust data protection protocols.
Contact us today to talk about information governance, quality management, data protection and all GDPR entails.

Data Protection and GDPR



Data Protection including the EU General Data Protection Regulation and the Data Protection Act 2018.

Do you have a privacy notice on your website, but aren’t sure it is fit for purpose?
Are you unclear about your obligations around Data Protection Legislation including GDPR?
Can you demonstrate you are meeting current data protection regulations?
There is more to data protection than having a privacy notice. If you are dealing with personal data – your clients’, your suppliers’ or your employees’ – then you must comply with data protection rules and meet the requirements of data protection regulations including the GDPR.
We work with our clients to ensure they have up-to-date and relevant privacy notices and that they meet data protection legislation demands. We offer support if they receive subject access requests, or perhaps they need help with an issue raised through the ICO (Information Commissioner’s Office).

Information Security and Quality Management



Is your business seeking to achieve ISO 27001 and/or ISO 9001?
Do you need ISO certification in order to tender for contracts or to inspire confidence in the products or services you provide?
Whether yours is a tech company, you are in software, or perhaps you are a trainer or HR provider, having robust and certified systems in place is more than a box-ticking exercise – it is a platform for growth and development.
We support businesses seeking to achieve standards for ISO 27001 Information Security Management Systems (ISMS) and/or ISO 9001 Quality Management working with them to ensure they meet, and even exceed, the standards.
Whether you need certification to tender for contracts, or simply want to reap the benefits of working at ISO standard levels without undergoing the final certification process, we can help.
We will work with you to understand your goals and motivation for improving your quality and information governance, and then take a risk-based approach to helping you meet your targets.
Please get in touch to talk to us about ISO 27001, ISO 9001, information governance and quality management.

Videoconferencing Guidelines. You need more than just a dress code.

Videoconferencing Guidelines. You need more than just a dress code.


For many, video calls used to be the odd FaceTime or WhatsApp session with family and friends. Video conferences are part of business life, and even more so now. This article looks at what to consider about how they are run.
Keeping your business running in the current environment. A couple of things to consider

Keeping your business running in the current environment. A couple of things to consider


COVID-19 is top of everyone's mind when considering what will impact your business. Working from home is one possibility to stop the spread of the virus through your business. What do you need to think about to enable home working? What about those that will have to consider childcare? This article ...
Cathy took away the fear of what seemed like a huge mountain and helped break it down in to manageable hills. It is extremely reassuring to be able to rely on her guidance and expertise.
– the pension solutions group
Cathy was just fantastic at turning GDPR from what seemed like an overwhelming minefield to something very manageable and understandable. Her practical standpoint was invaluable.
– Whitewed
Cathy provided excellent guidance and advice in securing our ISO27001 certification. She listened to our needs, and responded and flexed accordingly, and left us in a really robust place as an organisation.
– Fearless Futures
Understanding the requirements of GDPR was a minefield. Cathy took the time to understand our business requirements, pulled a plan together and helped us to implement the plan and ensure we met the new data protection legislation requirements. Cathy continues to support our business needs including completing the NHS DSP Tool Kit, which widens our client base and so will increase revenue. She really is knowledgeable and easy to work with.
– Avebury Computing - MidexPRO
Cathy was recommended to us when we needed advice relating to GDPR compliance. She is very approachable, professional, knowledgeable and diligent. She quickly became a trusted advisor for the Group's long-term information governance and data protection and we are very happy to have found her.
– Rebound Group
I know that meeting the requirements of GDPR did not stop on 25th May 2018. I am relieved that we had an expert in the field during our initial preparation for the GDPR journey. We continue to look to her for ongoing help and also will continue to recommend to others.
– DB Executive Travel
During the course of 2018 we outlined plans to achieve ISO27001 and ISO9001 certification along with GDPR compliance ahead of our rebranding exercise. We contacted Cathy to get the process started and the experience of working with Cathy exceeded expectations. We received our certificates ahead of schedule thanks to the help and support we received from her.
– Hooble
When I heard that my small company was going to be forced into upgrading its quality systems towards 9001 standards, I had a cold sensation in the pit of stomach, having been involved in this area previously. Then I was introduced to Cathy, and she made the road ahead pleasant even sometimes enjoyable with her bright outlook and expertise.
– OWL Building Control Solutions
I used Cathy to develop a set of terms and conditions for my business to ensure I was GDPR compliant. She was really helpful, quick and efficient and took the time to understand my business and ensured they were fit for purpose. I have since then opened up a second service under my Ltd company and went to Cathy again to help me get a GDPR compliant policy in place for my second website. Once again she helped me out and I really see her as the 'go to' GDPR person, so much so I am always referring
– Pippa Richardson - The Head Shed
Cathy was instrumental in helping us to achieve certification to ISO 27001 on our first attempt. She was professional and extremely knowledgeable, she also walked us through updating our data protection procedures to come in line with the GDPR. I wouldn't hesitate to recommend her services.
– FleetCheck

Contact Us

Fill in this short contact form and we will get back to you. Any field marked with an * is required
Tel: 07768 041174

Please see our Privacy notice for information about what we do with your personal data