Assurance Services

Providing organisations with clarity and confidence on the appropriateness and effectiveness of their operational controls.

With ever-increasing complex regulatory requirements and a continuously evolving technology landscape, our Assurance Services focus on enabling organisations to be compliant, ensuring operations are effectively controlled and identifying and addressing risks. We work closely with you to identify and develop practical and pragmatic solutions.


Our Assurance Services include

Data Protection Health Checks

We provide a targeted Data Protection Health Check service to support all types of organisations and businesses. Our Health Checks provide a structured and informative review of compliance with GDPR and local data protection legislation using a tried-and-tested set of tools tailored to individual business needs.

They focus on both business and IT requirements, looking at what personal information is held and processed and what data protection risks exist, and deliver a bespoke report and plan to allow your business to move towards compliance and ensure you maintain compliance. We deliver three levels of health checks:

  1. Rapid Review
  2. Risk-based Health Check
  3. Full Data Protection Audit


Business Continuity Plan – Gap Analysis and Assessment

Based on ISO 22301, we conduct a detailed gap analysis and assessment of your Business Continuity Plan. Our analysis will enable you to develop an effective business continuity management plan against an internationally recognised standard. We work closely with you to identify weaknesses and areas of concern, manage or minimise your organisational risk, and improve your resilience. Our BCP Analysis and Assessment work will:

  • Provide confirmation of business continuity scope
  • Identify legal, regulatory and contractual obligations
  • Identify gaps in your current plan against ISO 22301
  • Identify risks in your current plan
  • Provide a framework for the remediation of gaps and management of identified risks

Project Health Checks

The CBO Project Health Check service will significantly improve the outcome of an organisation’s project or programme. It helps organisations that want to deliver projects successfully and prevent financial, reputational or even cultural damage.

Our Project Health Check toolkit has been built on upon industry best practice such as ISO10006:2003, PRINCE2, PMBOK and APM methodologies.

We have three levels of Project Health Checks:

  1. Ad-Hoc/Rapid Review
    Ad-Hoc or Rapid Review: A one-off review that will deliver a Red-Amber-Green (RAG) report status for each project area alongside recommendations for improvements.
  2. Ongoing Project Review & Assurance
    Our ongoing review will ensure that a project is in a fit state to progress from one stage to the next, delivering a stage report and recommendations.
  3. Full Project Audit
    Our most in-depth project assurance service is designed for high value or high-risk projects and programmes delivering stage-based reviews to provide comprehensive assurance on all aspects of the project at each critical point.

Assurance services articles

Case Study
Client data project helps financial services business meet regulatory requirements

CBO supported a locally-based independent fiduciary and fund administration business to deliver a project driven by regulatory requirements. After a period of sustained growth, the business identified the need to enhance the efficiency of its existing processes, policies and systems relating to client data management and reporting capabilities. Identifying an opportunity, the client engaged CBO […]

Case Study
The Medical Specialist Group

The Medical Specialist Group The Medical Speciality Group (MSG) is a Guernsey-based organisation providing secondary health care and services to islanders across a broad range of specialisms. In the provision of these medical services, the MSG processes a large volume of extremely sensitive personal data where adequate controls of data and processes are needed to […]

Case Study
Data protection health check for Guernsey Mind

Guernsey Mind Guernsey Mind is an independent mental health charity, promoting positive mental health for the community by providing free mental health services as well as raising overall awareness. In the day-to-day running of the charity, Guernsey Mind processes and holds a wide range of personal data. The effective protection, security, and controls over of […]

Data Protection Health Checks

Data Protection Health Checks Bringing clarity and confidence to your data protection controls.   When processing personal data, it is vital for businesses to ensure that the appropriate safeguards and controls are in place, and that they are effective. This is critical in order to build and maintain customer trust and to avoid both financial […]

Case Study
Targeted Data Protection Health Check

Context The General Data Protection Regulation (GDPR) became legally effective from 25 May 2018 in all EU member states with equivalent legislation in Guernsey. The Data Protection (Bailiwick of Guernsey) Law 2017 allowed some deferrals for implementation until May 2019. Through a GDPR Health Check, led by CBO in conjunction with the States of Guernsey […]

Blog Post
Data Protection project – done and dusted?

Privacy policy on the website updated – Tick Data protection policy updated – Tick Communications sent to staff about data protection – Tick Training rolled out to staff – Tick Cue the sigh of relief on 25th May 2018 as GDPR is done with, right? Not quite… The EU legislation, as well as the local […]

Fancy a chat? Get in touch with CBO today to discuss how we can help