Allendevaux & Company

Security | Privacy | Complex Compliance

about us kate pic.png

Our Purpose


We untangle international compliance obligations and prescribe a straightforward approach to data protection assurance and peace of mind.


Our Mission

Every person has fundamental rights and we believe one of those rights is privacy. In today's age, some people have tried to downplay that, but privacy matters.

We're committed to playing our part in helping organisations see that value practically lived out.

Who We Are

Light Gradient.png

Who we are


Allendevaux & Company is a multidisciplinary organisation providing a blend of professional services to its clientele.


With lead principals overseeing unique practice areas, the firm focuses on the following data assurance domains:

What We Do

  • We help organisations understand and document their complex compliance obligations.

  • We implement data protection programmes to conform to popular frameworks such as ISO/IEC 27001 for information security, ISO/IEC 27701 for data privacy, ISO/IEC 22301 for continuity of operations and many others.

  • We provide incident management response services as an independent third party staffed by SIRT teams for rapid response when incidents need identification, containment, eradication, and recovery guidance.

  • We deliver 24x7 monitoring and help desk services to organisations, providing ticketing and triage for networking, computation and firewall support.

  • We perform cybersecurity services, delivering formalized third party attestations by certified individuals.

  • We staff a bug bounty vulnerability disclosure management service, maintaining a database of vulnerabilities and bug bounty reports.

  • We have data protection officers (DPOs) on staff forming a DPO-pool, providing round-the-clock DPO services as an independent third party.

  • The staff within the organisation are highly educated and certified in their practice area. Those providing compliance guidance are equipped with juris doctorates and doctorate degrees. The technical compliance teams carry many certifications including CISSP, CIPT, CompTIA Security+ ce, OSCP, CREST CRT, CREST CPSA. The auditing team carries ISO/ANSI certifications, including CIS LI, CIS LA, CISM, CIPP/US and CIPM.

  • The most popular service offered is Data-Protection-as-a-Service, named DPaaS, which offers a blend of most offerings, permitting a company to pay one monthly fee for access to a daily diet of professional services, helping to maintain compliance with certification schemas.


Our Story

Our story begins with the company’s cofounders, Rebekah Allendevaux and Scott Allendevaux, a married couple working in tandem since the year 2000 in the area of service desk management. Rebekah is an ANSI/ISO/IBITGQ implementer and auditor for data protection services, and Scott is an ISO/ISC2 data protection practitioner with a legal background in data protection law. Over the years, both principals have built managed service desks for large-scale international enterprises and service providers. 


Senior Partner, Cofounder


Dr. Scott Allendevaux

Senior Partner, Cofounder


David Sutherin

Cybersecurity Practice Manager

ICSI Certified ISO 27001 Lead Implementer, CREST CPSA, CompTIA Security+

Rebekah Allendevaux

Leadership Team

Get In Touch


Have any questions? Feel free to contact us with any questions you have and we’ll get back with you.

jodie photoshopped lanyard.jpg
Jodie Oliver

HR / HSE Practice Lead

Anessa Santos, JD

Complex Compliance and General Counsel