function icon

Our Services


our approach

The value of Emantra’s practitioner-based consulting lies in our ability to provide clients with expert advice based on our real-world experience and track record of success. We can help customers navigate the complexities of their particular challenge because we’ve already been there. This type of consulting is refreshingly different from traditional “out of a book” consulting.  We didn’t Google this stuff yesterday.

Emantra offers Enterprise Cyber Risk Management consulting services in the fields listed below:

Review and advisory:

  • Strategic and technical review
  • Cyber maturity and posture assessment
  • Cyber Risk Health Check (See separate Service Description document)
  • Technical due diligence reports for compliance or valuation reasons
  • Risk Management Framework and Review

Governance and Compliance:

  • Essential Eight application
  • Mandatory cyber event reporting
  • Notifiable data breaches
  • SOCI adherence reporting
  • Compliance or gap analysis: Essential 8, PSPF, NIST, NCSC, GDPR, PCI-DSS, HIPAA, SOC.
  • Fiduciary duties

Structure and Documentation:

  • Establishing Policy and Procedure
  • Organisation structure
  • Roles and responsibilities
  • CIO/CISO role definition
  • Permission levels
  • Record keeping

Information Management:

  • Key Information Management Principles
  • Data Classification and Handling
  • Privacy requirements
  • Data and storage location and tiers
  • Backup arrangements
  • Data loss prevention
  • Data loss assessment


Cost and Economics:

  • Cyber risk management budget and priorities
  • In-house versus managed services pros/cons
  • Sovereign platform versus global cloud pros/cons
  • Cyber event loss damage assessment
  • Microsoft M365 E3/E5 licence cost optimisation
  • Microsoft Azure/Sentinel services cost optimisation
  • Network and telco cost analysis and optimisation

Emantra’s consulting work is independent and stand-alone. Emantra will usually have the capability itself or within its partner network to provide follow-up or ongoing services to address any gaps or action points noted. Our report will contain recommendations about this – it is your decision how to proceed.

We will quote the consulting service cost by the hour, by project, or on a retainer basis. The cost will depend on the specific services provided, the consultant’s experience and qualifications, and your organisation’s size and complexity. The price may include software or tools to assess the organisation’s cyber risk.

Call Emantra anytime on 1300 728 953 for more about our range of consulting services and whether they will suit your requirements.


Emantra's consulting is based on our 17 year practitioner experience in cyber security.

Assured compliance

man on the phone sitting in front of several screens

Compliance involves firstly determining what relevant legislation, policy or commercial mandates apply to your organisation and the extent of your required legal or fiduciary responsibility at different role levels.  Once these are discovered, analysed and communicated, Emantra can put in place measures that monitor changes in mandates and assure ongoing compliance, for example in the following areas:

  • Legislation: e.g. Notifiable breaches, record keeping, privacy,
    directors responsibilities, legal admissibility
  • Privacy: e.g., Australian Privacy Principles, HIPAA (US), GDPR (UK/EU) which may apply in Australia if you are dealing with relevant foreign entities or citizens
  • Supplier mandates: e.g., Supply chain lead, DISP, SOCI, APRA, PCI, ASX, HIPAA (US)
  • Legal: eg. record keeping, legal admissibility, digital forensics
  • Commercial: Fiduciary, confidentiality, competitor
  • Best practice and preparedness: ISO27000, IRAP,ISM,  ACSC Essential 8,