Integrity – our integrity is beyond question. In the context of lawful operation, our clients’ needs are paramount. In the event of a conflict of interest, we shall inform, escalate and seek resolution immediately.

Customer Focus – clients who retain the services of PO Consulting Ltd are at the focus of our attention. We are independent of any vendor; our advice, behaviours and recommendations come unencumbered. Individual client need and the goals of the assignment are at the heart of our activity.

Simplicity – the simplest solutions are the ones which are capable of gaining the highest security assurance. We strive to simplify business problems and implement solutions which are appropriate to risk.

Risk-based thinking – risk assessments are at the heart of what we do. We do this with our clients as there is no one better to understand our clients’ business than the clients themselves. This ensures that we have a good understanding of the problem, the risk analysis is agreed (including impacts in the business) allowing appropriate mitigations to be considered and put in place. This also ensures that security barriers are selected from the most appropriate domain; there is little point in spending money on expensive firewalls when there is no governance in place to maintain them in a secure state.

Innovation – we thrive on challenging norms. Lateral thinking often yields different ways of working which bring with them additional benefits. There is a chance that these also bring risks which are not fully understood. This challenge has to be executed in a controlled manner and be respectful of the maturity of established solutions and ways of working. We encourage the challenge, supported by full peer group reviewed analyses.

Evidence based – our activity, thinking, conclusions and recommendations are evidence based. We are passionate about what we do and welcome challenge. If we cannot explain the rationale behind a recommendation then we have failed. We operate on the premise that an individual of equal or greater competence should reach the same recommendation independently from the same evidence base.

Value for Money – we are in the business of providing security solutions which represent value for money (VFM) in ALL phases of the solution’s life. VFM is key in ensuring that a secure solution is effective; if it is not then stakeholder buy in will decay over time. Intuitive useability is often a close partner of VFM in this regard. We use all the degrees of security freedom available to us – process, technology, personnel and physical to ensure that our solutions are balanced, useable and optimal VFM through life. A key aspect of this is the use of Commercial Off The Shelf (COTS) components in architectures which quite often exceed the assurance of bespoke components.

Knowledge Transfer – building on all of these values, we encourage our clients to share our enthusiasm and passion. We actively encourage knowledge transfer so that the client themselves can take ownership of and maintain the secure system.