Fixed-scope Cyber Health Check — from £995*info@strontian.ltd

Three practice areas. One focus: making security something you can act on.

Every engagement starts with understanding your business, not your firewalls. We diagnose. We prioritise. We fix or guide.

Cyber GRC

Governance, Risk & Compliance

Building or fixing the framework that proves security is managed properly.

Who it's for

  • Companies pursuing ISO 27001, SOC 2, or Cyber Essentials
  • Firms that failed an audit or client security questionnaire
  • Startups facing enterprise security due diligence
  • Organisations preparing for NIS2, DORA, or GDPR security scrutiny

What we do

ISO 27001NIST CSFCyber EssentialsPoliciesRisk frameworksThird-party risk

Typical engagement: fixed-price gap assessment, usually £3,500–£6,500 depending on scope.

Discuss a GRC engagement
Remediation

Programme Remediation

Leading the fix when audit, breach, or board pressure demands action.

Who it's for

  • Organisations with audit findings that need structured remediation
  • Companies needing post-incident remediation led properly
  • Boards that mandated security improvement without internal delivery capacity
  • Firms needing interim CISO or programme director support

What we do

Programme designGovernanceStakeholder reportingVendor oversightBAU handover

Typical engagement: interim programme lead, usually £800–£1,200/day depending on scope, urgency, and commitment.

Discuss remediation
IAM

IAM Security Architecture

Designing and reviewing how people and systems access your data and applications.

Who it's for

  • Companies whose access management has grown informally
  • Firms handling sensitive data that need provable access controls
  • Organisations moving to cloud/SaaS across environments
  • Companies preparing for zero-trust or modernising legacy access systems

What we do

IAM strategyPAMZero-trustIGAAccess reviewTooling evaluation

Typical engagement: IAM architecture review, usually £3,500–£5,500 depending on scope.

Discuss IAM

How we work

Diagnose. Prioritise. Fix or guide.

Every recommendation should make the next action clearer, not create a bigger consulting dependency.

Diagnose

We understand your business, your risks, and what you've already got.

Prioritise

We rank what matters by business impact — not by what's technically interesting.

Fix or Guide

We either lead the fix ourselves or give you a roadmap you can hand to a competent team.

Not sure which service fits?

The Cyber Health Check is the front door: a diagnostic from £995* that identifies your top 5 risks and recommends the right next step.

Start with the Health Check