top of page
IL7 LOGO -03.png



IL7 is a small consultancy specialising in information assurance through risk management and compliance. Our mission is to help our customers protect their information and that of their clients.



IL7 do this because we do not  want our customer's to suffer the reputational, operational or financial outcome that will occur if their information is lost, damaged or released to unpleasant people.



IL7 carries out risk assessments to government standards to show our customers where their information is at risk and who is threatening that information. We can then address, prioritise and consoidate those risks. IL7 will identify the optimum, most cost effective way of containing these risks and formulate an assurance strategy which our customers can follow. We can also guide them to compliance in ISO 27001 and the EU GDPR.



IL7 can carry out formal or easy audits to see if controls meet standards, EU GDPR, ISO 27001/2, PCI-DSS, Sarbanes-Oxley, or HMG IA standards (BCS) or the Public Sector Network.  We have in-depth knowledge and experience of working with these standards and can provide internal audit to ISO 19011:2011 standards.

IL7 as a consultancy

Joe Ferguson is IL7 Head Consultant - "I was a CLAS consultant for ten years and am looking forward to IL7 continuing to support both the Public and Private Sector as a National Cyber Security Centre ( approved CESG Certified Practitioner (CCP).  I am a CCP Senior Practitioner as an Information Risk Analyser. I am an ISO 27001 internal auditor and can advise on GDPR, having both completed the GDPR DPO course and represented DIO on the MOD GDPR steering committee.


My personal history includes working recently for Rolls Royce, DIO, the Cabinet Office and Barclays Bank. Before that I consulted to the RPA (Defra) and MOD Air ISTAR. I was on the Successor Programme looking at IA in the design for Trident Replacement.  Since leaving the Civil Service in 1997 I have consulted to and provided solutions for major banks, Telecommunications Companies and international law firms. Over the last ten years I have consulted in HMG with DEFRA, the Met Police, Thames Valley Police, the  Home Office, MOD, F&C0, ONS, Charity Commission, Passport Office, BAE Systems and BT. Anything technical I need support on comes from experience and training and of course, my son, Michael, who is CISSP and MCE, Together we can supply risk assessment, management and security architecture services"

I have a wide number of security colleagues equally committed to Cyber Security and I hope to extend IL7 services.  It is now my intention to bid for work through the Cabinet Office HMG Portal and offer my services in this way with the support of those colleagues.

IL7 Assessment Services

Consultancy services offered include:

  • HMG MOD Accreditation, Compliance with NCSC Best Practice, Cabinet Office SPF.

  • ISO/IEC 27001 Implementation and Audit.

  • GDPR Implementation and Audit.

  • Application and Boundary Protection – conformance/compliance – vulnerability analysis and evaluation with best practice and common criteria recommendations.

  • Application Security Dev/Ops, Agile, Dev/Sec/Ops.

  • Cloud Security & PSN 14 Cloud Security Principles, Application Hosting.

  • Project Management (PRINCE2) / Implementing Security Solutions; Working with Security Architects (TOGAF) / Working on manning, procedures (SOPS) & SyOps for ITIL compliance.

  • Extensive Security Product knowledge – Microsoft, AD, EUD, McAfee SIEM, IDS/IPS, Application Centric Infrastructure (Cisco) Security Barriers, Boundary Control and Firewalls.Protective Monitoring, Intrusion Detection and Forensic Readiness GPG 13 & GPG 18.

  • Project Management and Coordination of Accreditation Planning and Compliance.

IL7 Approach to Cyber Security

Cyber Essentials

Common Cyber Attacks

IISP Pulse 

Aligned to the National Cyber Security Centre ... 

British Values 

IL7 Core Areas

Private Sector:

Finance (Banks)



Public Sector

Home Office 

Ministry of Defence

Police and Justice

Other Government

bottom of page