IT Auditing Services
London & the South East
Independent IT auditing and cyber security audit services for London businesses preparing for NIS2, ISO 27001, Cyber Essentials Plus, GDPR, or cyber insurance renewal. Evidence-grade reports — no checkbox theatre.
NIS2 Readiness Audit
Gap analysis against EU NIS2 Directive Article 21 measures and Article 23 notification readiness. Mapped to UK-applicable extensions.
ISO 27001 / 42001 Pre-Audit
Annex A control mapping, Statement of Applicability review, ISMS readiness scan ahead of certification body engagement. ISO 42001 for AI management systems.
Cyber Essentials Plus Prep
Self-assessment review, technical control verification, evidence-pack assembly for IASME-accredited assessors.
Insurer Pre-Underwriting Audit
Cyber insurance readiness review producing evidence underwriters accept on first review — MFA, EDR, IR plan, BCP.
IT Health Scanner
External attack surface scan with prioritised remediation plan. Suitable as the first step before a deeper audit.
GDPR / DPA 2018 Audit
Lawful-basis register (ROPA) review, Article 30 documentation, breach process attestation, retention schedule audit.
Why London Businesses Engage SummitBridge Horizon
London-headquartered businesses face a denser regulatory environment than the UK average. Financial services concentration drives FCA, PRA, DORA, and operational resilience expectations. Critical national infrastructure (CNI) entities meet NIS2 and the UK's expected NIS Regulations 2025 update. Local government and public-sector suppliers face Cyber Essentials Plus and MOD industry compliance.
SummitBridge Horizon is based at 71-75 Shelton Street, Covent Garden — the same WC2H postcode as many of our London clients. Audit teams attend on site for sensitive engagements (financial services, regulated entities) and operate remote-first for cost-controlled scopes.
Each audit produces an evidence pack: control state, gap list, remediation priorities, and time-bounded action plan. Reports are jurisdiction-aware (UK GDPR, NIS Regs, EU NIS2 / DORA cross-reference) and rejection-safe for insurer or certifying-body review.
Engagement Model
Scoping call, stakeholder map, documentation request, regulatory applicability confirmation.
Control walkthrough, evidence review, technical scans where in-scope, interview with named system owners.
Findings catalogue, evidence pack, prioritised remediation plan, executive briefing, optional remediation support.
Request a Scoping Call
Discovery calls are free of charge, 30 minutes, no obligation. We will confirm applicable frameworks, in-scope systems, and a fixed-fee proposal within five working days.
Request scoping callSummitBridge Horizon Ltd · 71-75 Shelton Street, Covent Garden, London WC2H 9JQ · Companies House 16419201