Irish IT managed services and digital transformation company HCS has announced the launch of a dedicated governance, risk and compliance practice, designed to help businesses across Ireland manage growing cyber and operational risk while meeting expanding regulatory obligations including NIS2 and DORA.

The development, reported by Irish Tech News, formalises and scales HCS's existing capabilities in governance, assurance and data security into a structured standalone offering.

Key services within the practice include compliance and data protection maturity assessments, continuous compliance monitoring, governance framework development, AI and ISO readiness support, information security and policy development, and vendor risk and third-party reviews. HCS will also provide a Virtual CISO service, delivered on-site or remotely, covering cybersecurity assessments, regulatory gap analysis and alignment with best-practice frameworks.

Lesley Whelan, appointed as Head of Risk and Compliance at HCS, said: "For many organisations, governance and compliance are no longer viewed as box-ticking exercises; they are now central to winning business, maintaining trust, supporting growth, and demonstrating operational maturity."

Whelan brings 20 years of experience in governance, risk and compliance in the IT industry to the role and will lead the practice's development, customer base expansion and strategic growth.

Pamela Farrell, Managing Director of HCS, said: "Cybersecurity, compliance, and resilience can no longer sit solely within the IT function. They are now business-critical issues that require board-level visibility, clear ownership, and ongoing accountability."

The practice targets businesses operating in regulated or high-trust environments, including healthcare, public sector supply chains, critical service environments, technology and professional services, as well as mid-sized and scaling organisations lacking the internal resources to build dedicated compliance teams.

HCS holds ISO 27001 certification for information security management and ISO 9001 for quality management, underpinning the new practice's assurance credentials. The company said the integrated model will remove the need for clients to build internal teams or redirect existing resources, reducing cost while improving governance consistency.