Services built for organisations that take technology seriously
From strategy and architecture to security and AI – we cover the full technology agenda. Each service is designed to be standalone or part of a broader engagement.
Supplier Assurance & Second Opinion
Purpose
To give you a clear, independent view of how well your current IT, cloud and security suppliers are performing – and whether major proposals on the table are worth the money.
What's Included
- +Review of existing contracts, scopes of work and SLAs
- +Interviews with internal stakeholders about service quality
- +Technical review: infrastructure, cloud landing zones, M365 setup, security controls, backup, DR
- +Review of recent or upcoming proposals
- +Comparison against good practice for your size and sector
- +Practical recommendations: improve, renegotiate, or replace
Deliverables
- →Supplier Assurance report (per supplier and overall picture)
- →Proposal review summary with recommendations
- →Suggested improvements for supplier governance
- →Optional: RFP templates and evaluation criteria
Not Included
- −Acting as procurement or legal counsel
- −Running full tender processes end-to-end for very large programmes
Cloud, M365 & Platform Architecture
Purpose
To ensure your core platforms (Azure, AWS, M365, on-prem, networks) form a coherent, secure and scalable foundation for your business and for AI.
What's Included
- +Assessment of Azure/AWS architecture (accounts, networks, security, management)
- +M365 tenant configuration review (identity, security, compliance, collaboration)
- +On-premises servers, storage, backup, virtualisation analysis
- +Network topology review: WAN, internet, VPNs, site connectivity
- +Identification of risks: single points of failure, weak security, over-complexity
- +Design of target state with standard patterns and reference architectures
- +Roadmap from current to target state in manageable phases
Deliverables
- →Platform Architecture Assessment document
- →Target Architecture overview and key reference designs
- →90-day, 12-month and 3-year roadmap options
- →List of 'non-negotiables' for suppliers operating your platform
Not Included
- −Detailed runbooks and build scripts (we define and review them)
- −Day-to-day operations of your environment
AI Readiness, Platforms & Skills
Purpose
To move your organisation from 'AI is interesting' to 'AI is safely and meaningfully embedded in our work'.
What's Included
- +Readiness assessment: data, platforms, security, risk, culture, skills
- +Discovery workshops with teams to collect and shape AI use-case ideas
- +Prioritisation of use cases by value, feasibility and risk
- +Choice and design of AI platform(s) and tools (Copilot, Azure OpenAI, etc.)
- +Design of guardrails: who can use what, data boundaries, incident handling
- +AI skills and adoption approach for IT, champions, and general staff
Deliverables
- →AI Readiness & Risk Assessment
- →AI Use-Case Catalogue and prioritised Phase-1 portfolio
- →AI Platform & Guardrails Design document
- →Skills & Adoption plan with training recommendations
Not Included
- −Building bespoke deep-learning models
- −Developing commercial AI products
Digital & Technology Strategy
Purpose
To give you a clear, joined-up plan across platforms, security, AI, data, skills and suppliers – so every project and euro supports a consistent direction.
What's Included
- +Business goals and constraints workshops with leadership
- +Review of business processes, critical services, technology estate
- +Analysis of current initiatives, pain points, supplier landscape
- +Definition of 'what good looks like' for your organisation
- +Strategy themes and roadmap with short, medium and long-term horizons
- +Investment and risk view your board can understand
Deliverables
- →Strategy & Roadmap document
- →One-page executive summary
- →Presentation deck for board/owners/investors
- →90-day launch plan with clear responsibilities
Not Included
- −Detailed project plans at task level
- −Business strategy (we align technology with it)
Operations, Reliability & Security
Purpose
To reduce incidents, tighten security and make day-to-day IT more predictable – without drowning the organisation in process.
What's Included
- +Incident and problem management review
- +Change and release management assessment
- +Monitoring and observability review
- +Security review: identity, endpoints, patching, M365, backup, DR
- +Lightweight process improvements tailored to your size
Deliverables
- →Operations & Security Health Check report
- →Updated incident / change / monitoring processes
- →Security remediation backlog prioritised by risk
- →Suggested operational metrics and dashboards
Not Included
- −Operating a SOC or NOC
- −Detailed configuration work on every single tool
Business Continuity & Resilience
Purpose
To ensure your organisation can continue operating – or recover quickly – when technology fails, sites are disrupted, or key services are impacted.
What's Included
- +Business Impact Analysis: critical services, RTO, RPO per service
- +Mapping of services to applications, infrastructure, suppliers, people
- +Review of existing continuity and DR plans
- +Design of continuity strategies: alternate sites, remote work, manual fallback
- +DR architecture design: active/active, active/passive, backup and restore
- +Planning and facilitation of tabletop simulations and technical tests
Deliverables
- →BIA summary and criticality map
- →Continuity and DR strategy document
- →Revised or new DR runbooks and checklists
- →Exercise scenarios and facilitation notes
- →Management report with prioritised resilience improvements
Not Included
- −Acting as your long-term BCM office
- −Large emergency management drills with external agencies
Cyber Risk & Security Advisory
Purpose
To help you understand and reduce your cyber risk in a pragmatic way, focusing on identity, endpoints, cloud, email and suppliers.
What's Included
- +Risk-based security assessment: identity, endpoints, email, cloud, backup
- +Review of vendor and third-party access
- +Review of policies, standards and user awareness
- +Prioritised security roadmap with quick wins and structural improvements
- +Guidance on security tooling and avoiding tool sprawl
- +Optional alignment with ISO 27001, NIS2-type expectations
Deliverables
- →Cyber Risk Assessment with clear risk ratings
- →6-, 12- and 24-month security improvement roadmap
- →Updated security policies and practical guidelines
- →Board/management briefing material on security posture
Not Included
- −Acting as a penetration testing lab
- −Running 24/7 managed detection and response
Fractional CTO / CIO
Purpose
To give you a senior technology leader who can join your leadership table, own the technology agenda, and translate between business, suppliers and IT.
What's Included
- +Regular involvement in leadership / board meetings
- +Ownership of technology strategy and roadmap
- +Architecture principles and key decisions
- +Supplier portfolio and governance
- +Technology risk and resilience agenda
- +Coaching and support for internal IT / product leads
- +Support for recruitment of key technology roles
Deliverables
- →Strategic roadmap, reviewed quarterly
- →Defined decision rights and governance cadence
- →Improved collaboration between business and IT
- →Visible progress on key technology outcomes
Not Included
- −Day-to-day operations management
- −Full-time equivalent commitment
Engagement Models
Oversight, key decisions, supplier reviews, board reporting
Full roadmap ownership, regular governance, close work with internal IT
During major change: migrations, post-merger integration, urgent uplifts
Not sure which service fits?
Most engagements start with a conversation. We'll listen to your situation and suggest the right starting point – whether that's a quick health check or something more comprehensive.
Popular Starting Points
- 1Supplier Check-Up – get an independent view of your current IT partners
- 2AI Foundations Sprint – move from AI experiments to structured approach
- 3Cyber & Continuity Essentials – establish your baseline for security and resilience