Our Services
Meridian IT Advisory provides independent, practical cybersecurity and compliance services designed to help organisations manage risk, meet regulatory obligations, and demonstrate trust to customers and stakeholders.
ISO Consulting
Support for ISO 27001, 27701, 27017, 27018, and 42001 implementation.
SOC Reporting and Assurance
Guidance and preparation for AICPA SOC 2.
Virtual Security Leadership
Virtual CISO and DPO services.
Privacy and Data Protection
Guidance and preparation for GDPR compliance.
Australian Cybersecurity Frameworks
Services aligned with Australian government requirements and best practices such as E8 and ISM.
Internal Audit
Thorough internal audits to ensure compliance and readiness.
ISO Standards Consultation and Implementation
We provide end-to-end consultation and implementation services for international standards, tailored to your business model, risk profile, and operational environment.
ISO/IEC 27001 – Information Security Management Systems - Design and implementation of robust information security management systems aligned to your business and certification objectives.
ISO/IEC 27701 – Privacy Information Management Systems - Extension of ISO 27001 to establish a compliant privacy information management system.
ISO/IEC 27017 – Cloud Security Controls - Implementation of cloud-specific security controls for cloud service providers and customers.
ISO/IEC 27018 – Protection of PII in Public Clouds - Guidance on protecting personally identifiable information in public cloud environments.
ISO/IEC 42001 – Artificial Intelligence Management Systems - Development of governance and controls for the responsible management of artificial intelligence systems.
Virtual Security Leadership
We provide flexible security leadership services for organisations that require senior-level security and privacy expertise without the cost, commitment, and overhead of full-time executive roles. Our approach enables organisations to access experienced leadership on demand, scaled to their size, risk profile, and regulatory obligations.
Our Virtual Chief Information Security Officer (vCISO) services deliver strategic security leadership, governance, and oversight, including security strategy development, risk management, executive reporting, and alignment of information security with business objectives. This ensures security is embedded into decision-making while remaining practical and commercially focused.
Our Virtual Data Protection Officer (vDPO) services provide expert privacy leadership and regulatory guidance, supporting organisations in meeting data protection obligations such as GDPR and related privacy frameworks. Services include privacy governance, regulatory advisory, DPIAs, incident response support, and ongoing oversight of data protection practices to ensure sustained compliance and accountability.
Together, our vCISO and vDPO offerings provide organisations with trusted leadership, regulatory confidence, and practical execution—without the need to maintain full-time executive roles.
SOC Reporting and Assurance
We guide organisations through SOC 2 readiness, gap assessments, and assurance engagements, supporting the design, implementation, and operation of effective control frameworks. Our approach enables successful SOC 2 Type I and Type II outcomes that demonstrate trust, security, and operational maturity to customers, partners, and stakeholders.
Our services are tailored to your business model and include end-to-end support for SOC 2 Type I and Type II engagements across the Trust Services Criteria: Security, Availability, Confidentiality, Processing Integrity, and Privacy.
Privacy and Data Protection - GDPR
We support organisations in achieving and maintaining GDPR compliance by designing pragmatic privacy and data protection frameworks that align regulatory obligations with day-to-day business operations.
Our GDPR advisory services include gap assessments, data mapping, data protection impact assessments (DPIAs), policy and procedure development, and ongoing compliance support tailored to your organisation’s data processing activities and risk profile.
Australian Cybersecurity Frameworks
Essential Eight and ISM
We provide assessment, implementation, and uplift services aligned with Australian regulatory requirements and recognised best practices.
Our services include alignment with the Essential Eight and the Australian Government Information Security Manual (ISM), supporting organisations to strengthen their security posture and meet compliance obligations.
Internal Audit Services
We provide independent internal audits to assess the effectiveness of your management systems, identify gaps, and support certification readiness and continual improvement. Our audits deliver clear, practical findings and actionable recommendations aligned with recognised standards and regulatory expectations.
