IT is subject to increasing regulation as its impact on everyday life increases. Failure to comply with the relevant legislation is risky, and the legislation changes frequently. The EU's GDPR (General Data Protection Regulation) legislation is an example, but there have been similar requirements before that. In addition to legislation, each organisation may have internal quality standards to adhere to, and will be keen to ensure that best practices are being followed to reduce the risk of data protection (and similar) incidents which can be costly and damaging to a company's reputation. We can review a client's IT operations (particularly systems, processes and data) against specific legislation and highlight the areas for concern. We are also able to design and implement solutions to know issues, particularly where these involve unsupported and legacy software.