About Social Catalyst UK
We exist to help organisations that work directly with people and handle sensitive information about their lives, needs, risks, aspirations and circumstances take information security and AI governance seriously.
We help turn information security and AI governance into something practical, proportionate, and manageable. That means clear policies, sensible controls, evidence you can rely on, and a governance approach that fits the real size, risk, and capacity of your organisation.
Our Story
Social Catalyst UK was founded by Antony Kendall, an independent consultant with a career spanning senior operational leadership, governance, compliance, and organisational improvement across some of the UK’s most complex people-focused organisations.
Antony’s background isn’t a typical IT security background, and that’s deliberate. Having spent years as Director of Operations at a major Welsh homelessness charity, leading 350 staff across 80 services and managing a £10M budget, he understands first-hand the governance challenges that people-focused organisations face. He has built and overseen information systems from the ground up, written and reviewed policy frameworks across dozens of organisations, and worked at the intersection of compliance, risk, and operational reality throughout his career.
That experience shaped a simple belief: most organisations do not fail at information security or AI governance because of one single weakness. They fail when people, policies, systems, controls, and oversight are not properly joined up. Decisions get made without guidance. Tools get adopted without review. Policies exist on paper but not in practice.
Social Catalyst UK was built to address that gap through a collaborative model that brings organisational governance, operational experience, technical expertise, and clear evidence together from the start. We work with trusted cybersecurity and systems specialists as part of that model, helping organisations translate technical and organisational risk into practical controls, usable documentation, proportionate decisions, and evidence that stands up in the real world.
Social Catalyst UK exists to make those pieces join up.
Qualifications & Credentials
- Certified PECB ISO/IEC 27001 Lead Auditor
- Certified PECB ISO/IEC 27001 Lead Implementer
- Professional Certificate in AI Governance — Chartered Governance Institute
- ISO 9001 Lead Auditor
- ILM Level 7 — Holistic Leadership Programme
Our Collaborative Model
Social Catalyst UK is built around a collaborative delivery model. Antony leads the governance, risk, policy, and organisational assurance work, while working closely with trusted cybersecurity, systems, and technical specialists as an integral part of how services are delivered.
This gives clients a practical blend of organisational understanding and technical depth: controls that make sense, evidence that stands up, and advice that is proportionate to their real risks, systems, and resources.
Antony remains the lead contact throughout, ensuring clarity, consistency, accountability, and joined-up delivery.
Our Approach
Most client journeys begin with one of our free assessments, a no-obligation starting point that gives you a clear picture of where you stand before committing to anything further.
From there, every engagement is shaped around what you actually need. Antony leads the governance, risk, policy, and assurance work, while technical specialists contribute to the review of systems, controls, cybersecurity, and technical risk. That means you get joined-up advice: practical enough for your team to use, technically informed enough to be credible, and clear enough for leaders, boards, funders, or auditors to act on.
We agree scope and pricing before any work begins. Findings are written in plain language, focused on real risk, and designed to help you improve, not just produce documents that sit unused.
We work with charities, housing providers, SMEs, clinics, care organisations, professional services firms, and other people-facing organisations that handle sensitive information and want to manage risk honestly and practically.
