Compliance Support
Practical help with the compliance questions that land on IT's desk.
For most SMEs, compliance isn't a full-time role — it's a set of questions that land on the business owner or office manager, usually at the worst possible time. Compliance support is included in your £10/user/month plan: Cyber Essentials readiness, GDPR queries, ICO registration guidance, and IT policy drafting help — practical answers from people who understand what's actually required, not boilerplate.
What's included
- Cyber Essentials readiness assessment: a review of your IT environment against the five control areas (boundary firewalls, secure configuration, user access control, malware protection, patch management), with a plain-English gap report.
- GDPR technical queries: how to respond to a data subject access request (DSAR), how long to retain data, breach notification timelines, and what "appropriate technical measures" looks like in practice for your size of business.
- ICO registration guidance: help understanding whether you need to register, what category applies, and what the registration covers.
- IT policy drafting help: acceptable use policy, remote working policy, password policy, and data retention policy templates adapted to your business rather than generic boilerplate.
- Supplier and procurement questions: help understanding what security questions to ask a new SaaS vendor, what a DPA should cover, and whether a vendor's security claims make sense.
- Staff security awareness support: short guidance documents and FAQ answers you can share with staff on topics like phishing, password hygiene, and device use.
How it works in practice
A client asks whether the business holds Cyber Essentials, and the owner doesn't know where to start.
A UK engineer runs through the five Cyber Essentials control areas against your current setup and identifies what needs to change before an assessment. The gap report is written in plain English, not audit jargon, so you know exactly what to do first.
A member of staff receives a data subject access request and isn't sure what to do.
The AI provides a step-by-step response guide: what you must supply, what you can withhold, how long you have, and how to format the response. If the request is complex or involves third-party data, a UK engineer reviews and advises before the response goes out.
The business is signing up for a new cloud CRM and wants to know if the vendor's data processing agreement is adequate.
A UK engineer reviews the DPA against standard GDPR requirements — lawful basis, data retention, sub-processor disclosure, breach notification commitment — and gives a plain-language assessment of whether it's adequate or what to push back on.
What's not included
Compliance support is practical IT-adjacent help — it isn't legal advice, and we won't pretend otherwise.
- Legal advice. We'll help you understand what a DPA says and whether it looks standard, but we're not solicitors. For contracts that need legal review, use a lawyer. We can help you frame the question to make that engagement more efficient.
- Formal Cyber Essentials certification. We can get you ready for assessment, but the formal certification must be carried out by an accredited certification body. We'll help you choose one and prepare, but the assessment itself is separate.
- Full DPO (Data Protection Officer) service. If your business processes data at a scale that requires a designated DPO under GDPR Article 37, that's a formal role that needs a qualified individual or specialist firm. We can help you understand if you need one.