ISAS - About Us - NHS Information Security & Assurance

A note about cookies:

This website:

1. Uses cookies that are deleted after your session ends and by using the site you agree to this.
2. Sends usage data about your visit to Google Analytics so that we can see how visitors interact with the site.

For further information click here.

About Us

Our highly experienced and accredited ISAS Team has been in operation since 2007 and provides services to both Public and Private sector clients.

The service provides specialist information security consultancy services in a highly cost competitive manner for the overall benefit of the public sector with any income generated through private sector provision benefiting NHS patient care.

Our goals are to:

Provide comprehensive, expert information security consultancy services.

Increase the security posture of both public and private sector clients.

Benefit NHS patient services and experience.

An overview of the services we provide is available via the services page, learn about our wholistic approach to all things information, IT and cyber related here.

Our team has:

Extensive experience operating within and testing critical and often life dependent computing environments.

Issued security advisories regarding so called 'zero-day vulnerabilities' several of which have been published by groups including CertUK.

Been included in television news stories, such as on Sky News.

Influenced national public sector cyber security focus, direction and development.

Contributed to national cyber security initiatives, projects and the 2016 Review of data security, consent and opt-outs.

Presented and exhibited at national conferences and exhibitions including:

CyberUK 2016
Cyber Security in Healthcare Show
CIPFA annual conference
PSC 2017
IIA Conference - November 2018.
Healthcare Strategy Forum, providing a demo hack.

Health Service Journal Webinar, Getting the access and security equation right in the NHS.

Our certifications & accreditations include:

Tiger Scheme Senior (SST).

Certified Information Systems Security Professional (ISC2 CISSP).

Certified Application Security Tester (CAST).

ISO 27001 Lead Auditor.

Certified Ethical Hacker (CEH).

BCS Certificate in Information Security Management Principles.

Cyber Essentials Plus.

Cyber Essentials Certifying Body.

Audited IASME Governance (IASME Gold).

The ISAS and wider West Midlands Ambulance Service NHS Foundation Trust assurance teams are pleased to be members of The Internal Audit Network (TIAN); a professional network of NHS based internal audit providers bringing together collective thinking to add greater value to clients.

We are an approved Government Digital Marketplace Supplier, find us on G-Cloud / Digital Marketplace.