Services • Uncommon Correlation

We offer consultancy on data and data processing systems at both the strategic and tactical levels.

Implementation of ISO 27001

We help organisations achieve ISO 27001 accreditation with a UKAS-approved body.

We can offer the following, depending on the maturity of the organisation and its policies and practices:
- ISO 27001 Gap Analysis
- Development of the Information Security Management System
- Review of an established ISMS
- Risk Analysis
- Training and testing against an established ISMS
- Yearly review
As such, our service can take an organisation from no ISMS to a fully accredited operation with all policies and procedures in place, in practice, and in an established cycle of continuous development.

Establish a Culture of Concern for Information Security

Our unique expertise and process maps ISO 27001 with the risk assessments and analysis necessary to perform a proper Data Protection Impact Assessment (DPIA), and is mapped to the Cyber Assessment Framework from the NCSC. This means your organisation can become ISO 27001 accredited, be compliant with DPA 2018 and even meet the EU’s Security of Networks and Information Systems if you qualify as an Operator of Essential Services (OES).
Data Protection Impact Assessment

A Data Protection Impact Assessment (DPIA) is a mandatory exercise under the Data Protection Act 2018. They are more than a security compliance check: they are a comprehensive analysis system which will help you implement necessary safeguards upon data and minimise risk to your operations.

Every stage of your data processing operations matter - from acquisition through storage to processing and value delivery - and Uncommon Correlation’s meticulous analysis will reveal any weaknesses or risks throughout.

DPIA: old practices with added value

Organisations have a duty to protect their people, business, customers, and their data. DPIAs are mandatory, but don’t need to be a chore: your infrastructure, clients, and management need the assurance and safeguards it provides.

Presenting a thorough and scrupulous examination of your data, analysing data entered, processed, stored and transmitted out of your system, Uncommon Correlation assesses the real liabilities your organisation is facing.

Uncommon Correlation can show you how clear and simple the DPIA guidelines are, how to apply them throughout your delivery lifecycle, and how to educate your staff. Security has become the paramount criterion for the stability and viability of organisations.
Implementing Agile

Efficiency and excellence is hindered by ineffective procedures and counterproductive project management.

The Agile methodology serves data-intensive software-focused teams particularly well, as learning development is key to deliver an effective and meaningful software product.

Implementing Agile principles in a team must be carried out with respect to the team itself. Each team is different, just as all the individual team members are. Therefore, implementation of Agile is more to be brought out of the team as it is put in. Likewise, the Agile manifesto should be applied to the rollout of Agile itself.

We first must examine and assess your organisation and its methodologies. This will involve senior management as well as the engineering team, and covers processes, testing, infrastructure, assets, and goals. We use this data as a baseline for the organisation to measure the outcomes of the transformation against, and as a starter to determine with the team the best implementation of the Agile manifesto for the team itself.

Uncommon Correlation works to facilitate the transition to Agile, and for this process, we recommend short development cycles, of two to four weeks.
New Software Development Team Creation

We will build the team your software needs: performant, reliable, and talented. We know creating a great software team goes beyond people management, and serves morale as well as revenue.

We examine your software objectives, assessing viability, timescale, risk, and available assets, then use the data to assess what roles and experience you need.

We can further assist by drafting job descriptions and supporting in interviews.
Requirements Gathering for Software Design

Knowing the domain is as important to software development as one’s strategic objectives. Arguably, without a sound basis in the reality of the field a software will operate in, any strategy will likely miss its mark.

Uncommon Correlation specialise in building robust requirements for software development.

Our work starts with an analysis of the strategic objectives of both the organisation, and the project at hand. We take into account the resources and assets available to the software development team. Then, we establish a clear and detailed analysis of the domain, examining the domain logic, the known factors operating within the domain, the known unknown factors which may need to be explored. Building on this foundation, the user base will be defined, with key personas identified, from end-users to owner-users. Finally, we will frame our research a conceptual schema for the domain and the end-product data model, and an extensive list of user journeys and intended outputs and outcomes for each.

Given our expertise, our service also allows us to compliment our materials with a report outlining prospective risks, challenges and opportunities, as well as refinements which may be highlighted as necessry within the strategic objectives.
Risk Assessment

What you have yet to uncover about your organisation, data, strategy, and software, matters more than targets and objectives.

A comprehensive review of your risks is dependant on the organisation or operation fully understanding itself.

Uncommon Correlation takes a discovery driven approach to risk management. Our analysis takes place at all levels, from leadership to the operational staff. We build a robust domain model from which we identify risks as well as opportunities.

A risk analysis is a foundation of our Data Protection Impact Assessment service.
Software Development Performance Analysis

Building a strong software development team may be challenging, but maintaining it is even harder.

Uncommon Correlation will conduct a thorough review of the organisation, with a purpose to provide simple, practical advice on how to improve team performance.

Initially we will cover:
- organisational strategy
- strengths and weaknesses of the development team
- tooling and resourcing
We then use this as wider framing data for the analysis, and conduct interviews with key staff to establish the details of current performance. Crucially, this includes gathering suggestions for improvements from all levels of the team, so as to bring out the change, rather than impose it.

We will use this to propose key recommendations on how best to improve team performance, along with a set of procedures and practices that can be used to record team improvements as recommendations are implemented.
Strategic Thinking

Building a strategy is an important task and requires a demonstrable understanding of your organisation - infrastructure, assets, process, data, communication, people and management methodology.

How to develop the best strategy for your organisation and your goals, and how to accurately implement it, are the key questions to ask.

Process and Results

Strategic thinking enables senior leadership to think proactively and inclusively, nurturing an innovative, nuturing an innovative culture that will enhance software development and human engagement.

Uncommon Correlation begins the strategic thinking process with a discovery analysis of the organisation’s current capabilities and assets. We follow this with a breakdown of the domain that the organisation operates in.

Using this knowledge, we work with leadership to craft coherent and actionable strategies against measurable and time-bound strategic objectives.