Citicus welcomes Regency IT Consulting as an implementation partner

UK-based Citicus Limited has entered into a partnership agreement with Regency IT Consulting to help public and private sector clients in the UK and elsewhere to measure and manage information risk using our award-winning Citicus ONE risk management software.

Announcing the partnership, Marco Kapp, co-founder of Citicus Limited says:

"Regency IT Consulting has a distinguished track record of providing information security advice and assistance throughout central government and its agencies (including defence and security organisations) as well as to high-profile private sector companies whose activities demand the highest level of assurance. Regency believes that making use of tools such as Citicus ONE will enable them to fulfil this role still more efficiently and effectively."

"By combining the power and flexibility of Citicus ONE with the expertise of Regency's very experienced team of consultants and accreditors, we can help customers set up highly efficient risk programmes which become part of the fabric of their organisations. This approach promotes a culture of risk and security awareness within the organisation, where information assurance is seen very much as 'Business as Usual', rather than being a bolt-on optional extra."

"Our two companies' respective experience of providing managed services also equips us to take full responsibility for running individual risk/security programmes, if requested."

"We see this new partnership with Regency IT Consulting as a key enhancement of our ability to deliver ground-breaking risk solutions around the world, powered by our industry-leading Citicus ONE risk and compliance management software."

Andrew Beckett, Managing Director of Regency IT Consulting adds:

"All of us here at Regency have been impressed by the ability of Citicus to deliver a highly efficient, systematic approach to risk management which treads lightly on individual organisations and can be tailored to fit each customer's precise compliance requirements. In today's economic climate, these qualities are essential."

"Citicus ONE comes pre-loaded with all the most widely-used standards and frameworks that are generally regarded as representing best practice in information assurance. These include ISO/IEC 270001:2005, COBIT, ISF Standard of Practice and PCI/DSS. What's more, the system can be easily configured to measure risk and compliance in other important areas, such as SCADA, or to assess compliance with the UK Government's Security Policy Framework and its subsidiary standards and guidance documents."

"The reporting capabilities of Citicus ONE are also outstanding, including its ability to track remediation activity through to completion. In our experience, this is an area which many organisations often fail to address properly and the ready availability of readable, well-formatted reports will save them a lot of effort. Citicus ONE software can also be deployed on any scale, which allows us to offer a flexible pricing policy."

"Regency IT Consulting is very much looking forward to working with Citicus in building the security and risk management systems that are urgently needed to defend against the cyber threat, which the UK government has recently placed right at the heart of the national security strategy. We believe that the expertise of our consultants will add real value to what is already an excellent product."

What is Citicus ONE?

Citicus ONE is a web-based risk and compliance management system. It enables the risks posed by information leakage, loss of integrity or unavailability (including breaches of data privacy) to be both measured and managed and can be used across large or small-scale office systems, public-facing web-based systems, payment systems, industrial control systems or an enterprise-wide IT infrastructure. Citicus ONE can also be used to address other areas of operational risk (e.g. projects, sites, suppliers).

Citicus ONE measures risk and compliance via a continuing managed process using a methodology called FIRM developed by the Information Security Forum (ISF). This enables private and public sector organisations to measure the risk posed by their critical systems and compliance with good practice in a highly efficient, business-oriented manner.

Citicus ONE as a Managed Service

Customers can install Citicus ONE on their own servers, with Citicus and Regency providing guidance and advice to the business on how to use the software most effectively. However, if preferred, Citicus can deliver Citicus ONE via our secure hosted service. Regency may also provide a hosted service using their secure hosting facility e.g. where there is a requirement to hold information protectively marked under the UK Government’s Protective Marking Scheme (UK GPMS). Regency’s expertise across the Information Assurance field, coupled with their familiarity with the applicable standards, also allows them to offer a fully outsourced risk management function based on Citicus ONE to customers in Government, the defence/security community and across the wider public and private sectors.

About Citicus (

Citicus Limited was formed in 2000 by Simon Oxley, Sian Alcock and Marco Kapp (who led the development of FIRM on behalf of the ISF). The company builds world-class automated risk management tools, derived from its collaborative development programmes, and provides education and training to help implement them successfully.

About Regency IT Consulting (

Regency IT Consulting is a leader in the provision of Information Assurance (IA) consultancy and advice, employing a strong team of experienced IA consultants and accreditors. Many of their consultants are listed under the CLAS scheme operated by CESG (the UK’s National Technical Authority for Information Assurance).

Founded in 2005 and based in Cheltenham, England, the company is now part of Cassidian, an EADS company and a global leader in aerospace, defence and related services. Regency continues to be led by one of the UK's most experienced and capable InfoSec practitioners. Their highly experienced staff deliver the full spectrum of specialist IA support to government departments and agencies, as well as to other public and private-sector enterprises throughout the UK and elsewhere.

From its Secure Operations Centre, Regency IT Consulting also provides secure protective monitoring and cryptographic services, which have been certified to ISO 27001 and 9001 by the UK BSI Group.

For more information, contact:

Marco Kapp, Citicus Ltd,
Tel: +44 (0)20 7203 8405

Andrew Beckett, Regency IT Consulting Ltd
Tel: +44 (0)1242 225 681

Nick Hall, Citicus media relations
Tel: +44 (0)7949 111 174

Download PDF Back to News


Share this post