Information and Cyber Security

Information security is a vast area of complex regulatory responsibilities, core to working safely and effectively with the NHS and wider health and care sector providers. ETHOS is an expert in the field and believes in an ethical approach to deploying a best in class solutions at a sensible price.


At ETHOS we will build your Information Security Management Systems from the bottom up including:

  • documenting the necessary policies and procedure
  • generating mandatory evidence records
  • creating a staff handbook and guidance
  • business management manual
  • statement of applicability
  • your information risk assessment
  • other documentation necessary for the effectiveness of the information security management system.

There are no hidden charges and we only remain engaged until you have gained your certification and your staff have the knowledge and confidence to operate and maintain the safety system, unless you select our ETHOS Virtual role deployment option.

Compliance work includes:

  • ISO 27001 – ISMS
  • ISO 27001 – Path to certification
  • ISO 27001 – Implementation Training
  • ISO 27001 – Internal Audit
  • Cyber Essentials / Plus certification
  • Cyber Security Health Check
  • Cyber and Information Security Awareness and Training
  • Data Security and Protection Tool Kit (DSPT) certification
  • GDPR – Compliance Training

ETHOS Virtual ISMS roles to support your organisation when it needs it most

ETHOS will assess your most immediate needs and develop a roadmap to support your compliance work requirements. The team collaborate regularly with regulatory bodies and professional standards organisations to influence best practice across the health and care sector.