Agio FCA Cyber Security Governance Programme

We’ve created a 360° solution to address the FCA’s 48-question Cyber Security Resiliency Questionnaire, the NCSC’s 10 Steps to Cyber Security as well as their 51 Cyber Essentials.

Download Overview

The FCA, PRA, and Bank of England agree that firms must develop an internal security culture and focus on cyber resilience. That is where Agio’s FCA Cyber Security Governance Programme comes into the picture. Specifically aligned with the FCA’s Cyber Essentials certification and the NCSC’s 10 steps to cyber security, our 24-month programme is a way for our hedge fund, private equity, and alternative asset clients in the UK to adopt a security-first culture to protect the assets, and reputations, of their firms. Our deep knowledge of cyber security requirements and recommendations from the SEC, FCA, NCSC, and NIST means our programme is actionable and practical, not just another set of tick boxes.

Security Risk Assessment

We perform an in-depth evaluation of your information security maturity to assess your risk of a cyber security breach.

Policy Review & Development

We create new or review current security policies to stay up to date on requirements from the SEC, FCA, and PRA.

Incident Response Testing

To assess your incident response strategy, we hold yearly tabletop trainings with key executives and host follow-up conversations and whiteboarding collaborations.

Security Architecture Review

After conducting an analysis of your existing security programme, we provide a report with a tailored plan of action for improvement.

Proactive Monitoring

We monitor your domain names and public DNS services, which are increasingly targeted by fraudsters, and alert your firm to unusual activity.

Penetration Testing

Through on-site and remote testing, our experienced team will examine your security position from a hacker’s perspective.

Social Engineering Testing

We provide an office security analysis based on an assessment of your firm’s reaction to internal threats such as pretexting, phishing, and USB drive baiting.

Security Awareness Training

At our annual conference, we share social engineering test results to prepare and train your team on how to prevent and react to cyber security threats.

Cyber Essentials Preparation

NCSC's Cyber Essentials certification is the backbone of our programme. We will prepare your firm to achieve the certification to prove your commitment to cyber security.

Monthly Security Strategy

Your dedicated Project Manager and vCISO will deliver monthly status reports and keep you abreast of updates in the regulatory and cyber security spheres.


Within our interactive Governance Portal, clients can view the status and progress of their programme in real-time.  Our portal also enables live sessions with vCISOs, provides access to documentation for compliance, and adjusts to regulatory shifts in the cyber security landscape — ensuring compliance with more than 12 existing governance frameworks.

We provide your team with a vCISO and an experienced Project Manager, dedicated to ensuring your programme stays on track throughout the year. Along the way, we document every interaction, update, and improvement so you have a record in case you ever need it. We’ve got you covered when it comes to your cyber security health, so you can focus on the areas of your business that need you the most.

Say Yes