The Challenge
Cerina Health’s internal team was confronted with two critical compliance milestones.
The first was an ISO 27001:2022 internal audit. To remain compliant with the standard, the audit had to be completed before the formal certification assessment, which was just one week away. Failure to complete the audit in time risked non-compliance and could delay the entire certification process.
The second was a DSPT submission. This was a mandatory requirement for working with NHS organisations, and Cerina had already set an internal deadline for finalising and submitting their entry. Missing this deadline would risk regulatory setbacks, reputational harm, and potential barriers to NHS engagement.
Both tasks required deep knowledge of security frameworks, audit expertise, and precision execution. Compounding the challenge, Cerina had limited capacity to deliver both workstreams in parallel, heightening the risk of missed deadlines and service disruption.
The Solution
Periculo acted quickly, assigning one of our consultants, Jack, to lead the engagement. The focus was on delivering practical, high-quality audits at speed, without sacrificing rigour or attention to detail.
The engagement included an accelerated internal audit of Cerina’s Information Security Management System (ISMS), covering all ISO 27001:2022 clauses and controls, including risk management, documentation, and operational practices. Alongside this, Periculo performed a full audit and quality review of Cerina’s DSPT submission, ensuring it met NHS guidance and was supported by robust evidence.
To cope with the compressed timeline, Periculo also provided flexible resourcing, reallocating time at short notice and adjusting delivery around Cerina’s internal priorities. This agile approach ensured progress on both workstreams without compromise.
Implementation
Periculo’s approach combined structure with agility to meet the tight deadlines:
-
Rapid onboarding: We secured access and began reviewing ISMS documentation the same day.
-
Focused audit execution: High-risk areas were prioritised, with early feedback provided to close gaps ahead of the certification assessment.
-
Clear reporting: Shortfalls against ISO 27001 and DSPT requirements were documented alongside actionable recommendations.
-
Close collaboration: Daily check-ins with Cerina ensured alignment, flexibility, and quick resolution of queries.
This combination of speed, precision, and collaboration enabled Cerina to meet its compliance goals under intense time pressure.
Results
Despite the challenging timeframe, Cerina Health achieved all of its objectives:
-
A completed and fully documented ISO 27001:2022 internal audit, delivered within five working days, enabling them to approach the certification assessment with confidence.
-
A successful DSPT submission, finalised and submitted on time, ensuring compliance with NHS requirements.
-
A stronger, more mature ISMS aligned with the latest version of the ISO standard, with a clear roadmap for ongoing improvement.
-
Freed-up internal resources, allowing the Cerina team to focus on broader compliance priorities while trusting Periculo to lead on audit delivery.
With the clock ticking, Cerina Health needed more than a checkbox exercise. They required a trusted partner who could step in quickly, deliver quality under pressure, and ensure nothing was overlooked. Periculo delivered exactly that.
Through this engagement, Cerina successfully completed its ISO 27001 internal audit in under a week, passed its certification audit with confidence, and submitted a high-quality DSPT application on time. The result was stronger security, enhanced compliance, and complete assurance that no milestones were missed.
%20(1)%20(1).png?width=309&height=69&name=image-001%20(2)%20(1)%20(1).png "periculo")
-1.png)
