WBC
Business Continuity Management & Consultancy
Download GDPR Toolkit
from Desktop
General Data Protection Regulation
Consultancy
Business Continuity Planning
Consultancy
Business Continuity Planning
Consultancy
Adapting to today's constantly evolving business environment requires a resilient, well-governed approach to operations. At Westminster Business Continuity, we help organisations across Cheshire and throughout the UK strengthen their ability to respond to disruption, recover quickly, and maintain essential services. Our focus is on practical, effective Business Continuity Management aligned with international standards like ISO 22301 and, where necessary, integrated with GDPR compliance.
With over a decade of specialist consultancy experience, we provide structured support to ensure every aspect of your resilience framework stands up to scrutiny. Led by Mark Jones, our consultancy combines technical expertise with clear, actionable guidance tailored to your organisation’s size, sector, and regulatory environment. Whether you require a complete Business Continuity Management System or targeted assistance with governance, policy, or Business Continuity Exercise testing, we deliver a service grounded in industry best practice and real-world experience across the UK.
The ISO 22301 Health Check
The ISO-22301 Health Check is our initial assessment service. It follows a risk-based approach to evaluate the effectiveness of your existing Business Continuity Plan and overall governance in terms of policies and procedures. This evaluation provides the foundation for all subsequent work and is the perfect starting point for any organisation in Cheshire looking to enhance its resilience.
Our comprehensive review of your Business Continuity Management programme considers its relevance, comprehensiveness, and practicality by assessing the following critical areas:
• Business Continuity Management policy and strategies
• Business Impact Analysis (BIA) approach and implementation
• Business Continuity Exercises and testing protocols
• Incident response process and procedures
This essential self-assessment stage delivers:
• A detailed assessment of your current Business Continuity Plan effectiveness.
• A clear outline of the proposed scope for your BCMS project.
• Realistic project expectations based on your specific organisational requirements.
• Detailed and customised information necessary to develop a strong business case for implementation.
Comprehensive Business Continuity Services
Our Business Continuity Consultancy covers the full lifecycle of continuity management – from analysis and Business Continuity Planning to implementation and review. Our experienced Business Continuity Analyst team works closely with leadership across the UK to review, build, and test frameworks that protect essential services and support long-term resilience.
For organisations in Cheshire and elsewhere, we ensure continuity measures support compliance obligations, giving you a unified and efficient resilience framework.
Our Business Continuity Management ISO-22301 Health Check includes:
• Business Impact Assessment (BIA) and detailed Business Continuity Plan development.
• Reviewing and implementing a robust Business Continuity Management policy and governance structure.
• Developing, documenting, and running detailed Business Continuity Exercises with relevant teams.
• Reviewing, enhancing, or implementing your Incident Management approach.
By partnering with Westminster Business Continuity, your organisation gains an independent, objective view of continuity governance – helping you meet ISO-22301 requirements, satisfy audit expectations, and build stakeholder trust across the UK.
Contact Cheshire-based Westminster Business Continuity today to arrange your complimentary business continuity review and learn how our ISO 22301-aligned consultancy can strengthen your resilience and compliance across the UK and beyond.
Providing Business Continuity & Specialist Data Privacy Support for over 10 years
-
Gap Assessment
-
The Gap Assessment is a detailed set of questions based on the regulation, and will highlight gaps between your current data protection practices and the requirements under GDPR
-
The questionnaire attempts to collect information about the current Data Protection practices of each business unit across your company, in order to assess the regulatory and reputational risks of non-compliance with the EU General Data Protection Regulation ('GDPR')
-
The output will highlight gaps between your current data protection practices and the requirements under GDPR
-
-
2018 Data Protection Act Questionnaire
-
This questionnaire specifically looks at the GDPR and can be used to quickly find out how compliant your company is to the regulation.
-
-
Third Party Information Security GDPR Questionnaire
-
When you have reliance on at least one 3rd party for personal data processing, then this document can be shared with them, for them to complete and provide evidence of their compliance. As part of the GDPR, if you are controlling personal data, and sub-contract to a 3rd party for data processing, then you must be aware of their data protection capabilities.
-
-
Data Privacy Impact Assessment for Business Functions
-
This questionnaire is for internal projects or functions, in order to demonstrate GDPR compliance. The document is written in alignment to the GDPR articles and can be used, following the Gap Assessment, to cross-reference specific requirements and detail for remediation planning
-
-
Scenario Exercise Data Breach
-
Exercises should be run on a regular basis, and target specific key risks which have been identified as required for mitigation. This document will help you design, manage and report on data breach exercises
-
-
Information Asset Register
-
An analysis of where your personally identifiable data resides within your organisation
-
-
Data Protection Policy
-
This is an outline policy which can be adapted for any organisation
-
-
Subject Access Request Policy
-
This policy contains the detail which can be followed during a subject access request
-
-
Data Flow Mapping Approach
-
This shows how you should carry our data mapping
-
-
Data Mapping Tool
-
The data map will determine what personal data your organisation holds, where personal data resides within the organisations day-to-day business and where DPIAs may need to be performed
-
-
Identity Proofing and Verification of an Individual
-
In circumstances where Subject Access Requests or Data Subject Rights information is to be released, the identity of the data subject should be established, in accordance with recital 64 and article 12.6. This document explains how to identify an individual, assisting you with safeguarding the data and your reputation
-