Cyber Risk & Compliance Advisory
Led by Heather Bearfield, helping businesses stay secure, compliant, and audit-ready.
Meet Heather Bearfield
Heather Bearfield, MBA, CISA, CISM, CRISC, CDPSE, is a leading expert in IT risk management, cybersecurity governance, and regulatory compliance. With over 15 years of experience across industries like defence, manufacturing, software, and finance, she helps businesses protect their operations, navigate audits, and align with evolving compliance frameworks.
IT Audit Plan Execution
Thorough evaluations of your organisation’s IT systems and controls to identify weaknesses, ensure compliance, and provide actionable audit insights.
IT SOX Testing
Comprehensive testing of IT controls related to Sarbanes-Oxley (SOX) compliance, ensuring financial systems meet governance and reporting standards.
Network Security Assessments
Detailed analysis of your network infrastructure to detect vulnerabilities, misconfigurations, and risks across internal and external systems.
Penetration Testing
Simulated cyberattacks to test your defences, expose weaknesses, and provide practical recommendations to strengthen your organisation’s security posture.
SDLC Controls Testing
Evaluation of controls throughout the Software Development Life Cycle, ensuring secure, compliant development practices from planning to deployment.
Outsourcing & Co-Sourcing
Collaboration models for audit or cybersecurity support, whether full outsourcing or working alongside your internal teams to augment capacity and expertise.
IT Risk & Compliance Frameworks Covered
- SOC 1, 2, 3, 2+
- HIPAA (Health Insurance Portability and Accountability Act)
- CMMC (Cybersecurity Maturity Model Certification)
- PCI (Payment Card Industry Data Security Standard)
- CMMI (Capability Maturity Model Integration)
- FISMA (Federal Information Security Management Act)
- FedRAMP (Federal Risk and Authorization Management Program)
- NIST (800 Series and related standards)
- ISO (ISO 27001 and other IT risk standards)