Business and society is changing. Public and private sector organisations are using technology to both innovate and deliver existing products and services in new ways. More and more, leaders need to think outside their organisation when considering technology risks, with services being delivered by third parties and with increasing threats of cyber attack. To deliver and exploit this new technology, organisations are operating in new ways using agile processes and working patterns to transform themselves and reskilling their people to take on the jobs of the future.

The Business Technology Consulting team offers a range of services to help organisations taking on these challenges. From independent assurance over your key technology risks, to in-depth assessments of your cyber security posture, your digital maturity or your programme delivery maturity. Additionally, we offer access to specialist skill sets on an ongoing basis through our outsourced DPO (Data Protection Officer), outsourced CISO (Chief Information Security Officer) and outsourced Head of IT Audit services.

Our experienced staff work closely with business leaders and technology professionals to ensure they always have the right skills on hand to manage whatever challenges the digital business environment throws at them.

Technology Assurance

We help our clients get the best value from their investment in technology by:

• IT controls testing, to provide independent assurance or in support of a wider assurance assignment.
• IT effectiveness review, based on maturity of IT processes against recognised leading practices.
• Review of IT controls operated by third parties, including cloud service providers.

Our role in preparing accounts for clients goes well beyond presenting information, ensuring that we support our clients with sound business advice for the short, medium and long term based on reliable trading information.

Transformation Advisory

We ensure our clients’ IT programme/digital transformation initiatives deliver effectively by:

• Programme assurance: point in time health-checks and on-going support and guidance.
• Digital maturity assessment: using our seven part Digital Maturity Index.
• Assurance over Agile: auditing of Agile programmes and software development initiatives.

Data Analytics

We assist our clients in obtaining meaningful insight and value from the large volume of data they hold by:

• Insights into your business by identifying trends, patterns and high-risk issues that help inform decision-making.
• Enabling data visualisation to improve business process and drive assurance activities.
• Training to utilise data to improve profits, efficiency and strategy.
• Automation of audit procedures using population-testing and custom-built dashboards to ensure real-time, accurate reporting.

Cyber Security

We help protect businesses from the financial loss, reputational damage, legal consequences and regulatory action from cyber crime by:

• Cyber security control reviews, third party risk assessments, health checks, assessments against standards and action planning.
• Outsourced Chief Information Security Officer (CISO) service.
• Bespoke training packages, from board level to wider staff awareness.

Data Protection

We ensure our clients are compliant with the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) by:

• Data Protection control reviews and health checks. Policy review and guidance.
• Data Protection Officer (DPO) as a service.
• Data Protection training, from board level to wider staff awareness.

Fraser Nicol, Head of Business Technology Consulting

Fraser Nicol

Partner and Head of Business Technology Consulting, Glasgow

Fraser is Head of the Business Technology Consulting team and has 17 years’ experience in technology risk consulting and assurance. He advises a wide array of clients including large public bodies, financial services institutions, commercial businesses and charities on technology risk – such as IT strategy and governance, data analytics, cyber-crime and risk, programme assurance and digital transformation. He is most proud of co-writing the Model National Response for Online Child Protection, which sets out recommendations for countries seeking to enhance the way they protect children online. The standards have been adopted internationally, used by UNICEF and incorporated into international law by the UN Human Rights Committee. As part of his work on online child protection, he was lucky enough to work directly with senior politicians, law enforcement and industry leaders from around the world, including the current and past Prime Minister, to establish an International Organisation which brings together governments, law enforcement and industry to fight online crime against children.

Magda de Jager

Cyber Security Manager, Edinburgh

Magda is an experienced cyber security specialist, with a focus on risk management and privacy. She has a background in finance and internal audit and holds a Postgraduate Diploma in Information Security from Royal Holloway (University of London). Magda brings experience from a multitude of industries, having worked or lead engagements in public sector, energy, finance, insurance and travel & tourism. Magda is a moderator for Cyber Scotland Connect and is a regular speaker at industry conferences and meet-ups.

Mitchell Collins

Data Analytics Manager, Edinburgh

Mitchell is an experienced business technology and consulting manager based in Edinburgh, specialising in data analytics. He has worked across a wide range of large corporate and public sector clients, including FTSE 100 and NYSE listed clients. Mitchell specialises in a range of data extraction and analytics tools including IDEA, SQL and Tableau amongst others. He is also responsible for an IT Internal Audit portfolio across the public sector in Scotland

Scott Bannerman, Data and Privacy Assistant Manager

Scott Bannerman

Data and Privacy Assistant Manager, Edinburgh

As a Certified Internal Auditor (CIA), I work within our IT audit team, delivering specialist IT audits and consulting services to our internal and external audit clients. I have been involved in a wide range of IT audit areas including ICT and digital strategy, network security, information governance and data privacy/GDPR. To date I have delivered a range of services to a number of large public and private sector organisations including local authorities, NHS Boards, central government bodies as well as companies across the legal, housing, education and charity sectors.

Could your business use some help with tackling technology risks?

Over the years we have helped some of Scotland’s largest companies to manage their finances.