QT&C Market Sectors

Our main areas of activity...

QT&C offer professional services and approved training courses into the following market sectors:

Private Sector

Predominantly dealing with concerns and best-practice issues regarding Information Security Management. Whilst this is ‘traditionally’ focused in and around technical and IT security, there is a growing realisation that a holistic management-led approach is the way forward.

We help organisations achieve international standards, best practice regulations and information based legal compliance.

Central Government

Central Government benchmarks and measures improvement of their capabilities through the Information Assurance Maturity Model (IAMM), which incorporates the mandatory information related requirements of the HMG Security Policy Framework, the requirement to apply the 2008 Data Handling Review and is aligned with the ISO 27001 Standard and the broader outcomes sought by the National IA Strategy.

“The growing need for Departments to share information in response to the Transformational Government and Shared Services initiatives means that common standards need to be applied across Government.” CESG 2010

The IAMM is underpinned by an IA Assessment Framework (IAAF) which details the measures required to deliver the levels of maturity contained within the Model.

QT&C is supportive of this and can assist public bodies wishing to use the IAAF to conduct IA self-assessments in order to achieve progress through the 5 levels of the IAMM.

Local Government

Local government’s vision and approach for IA is defined by a number of sources including: Local Government Association (LGA), Socitm, GCHQ and CESG to name but a few.

Their role is to develop and promote policies for local government around information assurance and the associated issues of information risk management, information security management, legal compliance and business continuity management.

In addition to National IA strategy, Local Government has its own sector specific reports such as the Local Government Data Handling Guidelines.

Overall initiatives such as the Government Connect Code of Connection have helped significantly with increasing compliance with good practice but more can be done. QT&C understands local government has its own specific IA needs, which is reflected in the way we approach service delivery and support of this highly inter-connected sector.

NHS and Social Care

The Information Governance Framework for our health and social care services are based on legislation, standards, policy and other guidance from which applicable Information Governance (IG) standards are derived.

In addition to setting policy on the use of information relating to patients and service users, a key focus is the application of robust Corporate Governance. This is reflected within the NHS IG Toolkit for which NHS organisations are required to complete regular assessments.

Part of completing IG Toolkit assessments (for NHS and private contractors working with the NHS) includes signing the Information Governance Statement of Compliance (IGSoC). This is to provide an assurance that key requirements are being met or that appropriate improvement plans are in place to remedy any shortcomings.

Through our long standing support of the healthcare sector QT&C can assist with IG Toolkit returns, submitting a Statement of Compliance as well training and motivating staff to behave in accordance with IG policy.

The Police

Our national police force follows the Police Service IA Strategy 2010 – 2013. The three year strategic direction aims to develop Information Assurance capabilities across the Police Service.

Outlining the requirements placed on the Police Service under the ACPO/ACPOS Community Security Policy, such as the HMG IA Maturity Model and Assessment Framework, the modular Code of Connection and Risk Managed Accreditation Document Sets for police systems. It also supports the implementation of the HMG National Information Assurance Strategy (NIAS) and Information Systems Improvement Strategy (ISIS) programme.

QT&C offers approved training and IA services in order to compliment this and further embed an IA culture within our Police forces.


MOD policy is heavily influenced by government policy, but naturally the primary focus here is on national information assurance strategy and cyber-security.

Take the first step and get in touch with us today...


  • How to make dry subjects interesting and informative! Brilliant

    - Phillip

  • I’ve only been working with Data Protection for a month and it must have showed with my constant questions. I never would have made it through the exam without your support. I will definitely be recommending you.

    - Sara, NHS employee

  • Now that we are 27001 certified, I have no doubt of maintaining our government contracts.

    - Andy Buckle

DISCLAIMER Show Disclaimer

Disclaimer: QT&C does not use cookies. QT&C does make use of Google analytics. We use this to monitor the effectiveness of our website and to ensure that our visitors find what they are searching for. For more information please see our terms and conditions, Privacy Policy or visit Google Analytics here.

Hide Disclaimer