Last checked at 5 Mar 2018 07:00
NOT FOR RELEASE, DISTRIBUTION, PUBLICATION, DIRECTLY OR INDIRECTLY, IN WHOLE OR IN PART, IN OR INTO OR FROM THE UNITED STATES OF AMERICA, CANADA, AUSTRALIA, NEW ZEALAND, THE REPUBLIC OF SOUTH AFRICA OR JAPAN, OR ANY OTHER JURISDICTION WHERE TO DO SO MIGHT CONSTITUTE A VIOLATION OF THE RELEVANT LAWS OR REGULATIONS OF SUCH JURISDICTION.
5 March 2018
GRC International Group plc
("GRC International", the "Company" or the "Group")
Admission to AIM, First Day of Dealings
GRC International Group plc (AIM:GRC), the one-stop shop for cyber security and data compliance products and services, is pleased to announce the admission of its ordinary shares to trading on the AIM market of the London Stock Exchange at 8:00 a.m. today ("Admission") under the TIDM GRC and the ISIN GB00BG06MV41.
The Company has successfully raised gross proceeds of £5.04 million through a placing of 7,200,000 new ordinary shares at a placing price of 70 pence per share (the "Placing"). Upon Admission, the Company will have a market capitalisation of £40.2 million.
GRC International provides a range of products and services to address the IT governance, risk management and compliance requirements of organisations, enabling them to meet the commercial requirements and regulatory standards that are now in force, or are coming into force, in these areas.
Commenting on Admission, Alan Calder, Chief Executive Officer of GRC International, said:
"We're pleased to announce the admission of GRC International Group plc to the AIM market of the London Stock Exchange today. We are confident that being a public company will allow us to achieve our growth objectives and continue our geographic and market expansion. The current legal cyber security and data protection requirements, combined with the initial funding secured, will allow us to scale up and execute our development plans in order to generate significant value for shareholders."
Grant Thornton UK LLP is acting as Nominated Adviser and Dowgate Capital Stockbrokers Limited is acting as Broker to the Company.
The net proceeds of the Placing will position the Group for its next phase of development by further raising its profile, providing it with funding to accelerate organic growth where there are opportunities to do so and to enable it to pursue acquisitions that will expand its geographic reach or the range of products and services that it is able to offer.
The Company's Admission Document can be viewed at www.grci.group. Copies of the Admission Document will be available at the registered office of the Company, subject to applicable securities laws or regulations. Save where otherwise defined herein or where the context otherwise requires, terms defined in this announcement shall bear the same meaning as in the Company's Admission Document.
Enquiries
GRC International Group plc Alan Calder (CEO) Chris Hartshorne (Finance Director) | www.grci.group +44 33 3800 7000 |
Grant Thornton UK LLP (Nomad) Philip Secrett/ Jen Clarke/ Carolyn Sansom | 020 7383 5100 |
Dowgate Capital Stockbrokers Limited (Broker) James Serjeant | 020 3903 7717 |
Background to the Company
The Group began trading as an online publisher of books and documentation toolkits for IT governance and information security in 2005. Since then it has expanded into providing training courses, consultancy services, online e-learning, software, security testing and certification services. The Group does not sell IT hardware or mass market software relating to data protection or cyber security. It supplies services and products aimed at helping organisations identify their obligations; training employees in the proper procedures and practices; consulting and testing services relating to the procedures and practices; and certifying customers as conforming to Cyber Essentials and issuing statements of conformity to the PCI DSS.
The Group has grown strongly over the last two years with revenues for the year ended 31 March 2017 of £6.83 million (2016: £4.85 million) and profit before tax of £0.71 million (2016: £0.17 million).
As legislation and regulation relating to data protection and cyber security becomes widespread, the standards required will become global. For example, the European GDPR applies from 25 May 2018 and its scope could include all organisations anywhere in the world providing services into the EU. The Group has seen a significant increase in training and consultancy revenue directly related to GDPR since its adoption in April 2016.
Key Strengths
The Group's products and services are designed to help its customers to protect the data they hold by enabling them to (i) understand what their legal, regulatory and commercial obligations are; (ii) identify the risks that exist in their data protection and cyber security systems and procedures; (iii) design and put in place systems and procedures to train their management and employees so that the customer can meet their obligations and address the risks identified; and (iv) obtain certification such as: ISO 27001; PCI DSS or Cyber Essentials. As a leading provider of IT governance training and consultancy services in the UK, the Directors believe that GRC International is well-positioned for continued growth, supported by the following factors:
- Profitable and cash generative
- Addresses the rapidly growing online data, risk and compliance markets
- Experienced management team
- Broad customer base both in the UK and outside the UK
- Depth and breadth of products and services
- One of the leading participants in the UK IT governance market
- Track record of profitable, self-financed growth
- Strong online position
- Potential for sustained growth in the UK and overseas
Products and Services
The Group provides a number of services and products that broadly fit into three divisions (i) Training; (ii) Consultancy; and (iii) Publishing and Software.
Training Division
The Group sells classroom based training courses related to data protection, cyber security, ISO 27001 certification and related topics. The courses are aimed at various different areas of IT governance and at different skill levels. For example, the ISO 27001 courses range from an introduction to ISO 27001 through to qualifying as a lead implementer or lead auditor.
Consultancy Division
The consultancy services provided by the Group include (i) GRC (governance, risk management and compliance) consultancy; and (ii) technical services.
(i) GRC consultancy provides on-site and remote support, helping organisations to design and implement data protection and cyber security policies and procedures. This includes preparation for, and ongoing compliance with, GDPR and achievement and maintenance of ISO 27001 certification.
(ii) Technical services provide a range of services and products including:
- penetration testing, where the Group carries out an authorised simulated attack on a customer's IT systems to test the effectiveness of the systems and procedures and to identify any weaknesses;
- PCI DSS assessments, in respect of the Payment Card Industry Data Security Standard which applies to all organisations worldwide that transmit, process or store payment card data. The PCI DSS requires such organisations to have their data protection and cyber security systems tested regularly; and
- Cyber Essentials certification and consultancy, where the Group provides an accredited certification service through an online portal that helps organisations of all sizes become certified to the UK Government's Cyber Essentials scheme.
Publishing and Software Division
The Group sells books, documentation templates and software via its websites, both those it publishes or writes itself and those supplied by third parties. Most of the books sold by the Group relate to how organisations should manage their IT risk exposures or standards published by various bodies. The Group currently publishes 145 books and pocket guides.
The Group also creates and sells software solutions through its subsidiary, Vigilant Software Limited. One of the Vigilant software tools, vsRisk, provides a program for identifying and recording management decisions relating to the information security risk levels within an organisation.
Board
The Board consists of four Executive Directors and two Non-Executive Directors.
Directors
Andrew Stephen Brode, aged 77, Non-Executive Chairman
In 2012 Andrew acquired an initial shareholding in ITG and joined the board as a non-executive director in November 2012. He was appointed non-executive chairman of the Company in February 2018. Andrew is a chartered accountant and was chief executive of Wolters Kluwer (UK) plc between 1978 and 1990. In 1990 he led the management buyout of Eclipse Group Limited, which was sold to Reed Elsevier plc in 2000. In 1995, he led the management buy-in of RWS Holdings plc, Learning Technologies Group plc and a non-executive director of a number of private equity backed media companies.
Alan Philip Calder, aged 61, Chief Executive Officer
Alan founded IT Governance Limited in 2002, became a director in April 2002 and began working full time for the company in 2007. Prior to this Alan had a number of roles including CEO of Business Link London City Partners from 1995 to 1998 (a government agency focused on helping growing businesses to develop), CEO of Focus Central London from 1998 to 2001 (a training and enterprise council), CEO of Wide Learning from 2001 to 2003 (a supplier of e-learning) and the Outsourced Training Company (2005). Alan was also chairman of CEME (a public-private sector skills partnership) from 2006 to 2011. Alan graduated from the University of Witwatersrand in 1968 and then moved to the UK. Alan has written a number of books about IT management including the definitive compliance guide "IT Governance: An International Guide to Data Security and ISO27001/ISO27002" (co-written with Steve Watkins), which is in its sixth edition and is the basis for the UK Open University's postgraduate course on information security and "IT Governance - Guidelines for Directors".
Christopher (Chris) John Hartshorne FCCA, aged 35, Finance Director
Chris joined the Group in April 2017 as Finance Director. Chris qualified as a Chartered Certified Accountant with Deloitte in 2007 and subsequently worked for PwC. In 2015, Chris joined MM (UK) Limited as financial controller before leaving to take up his position with the Group.
Stephen (Steve) George Watkins, aged 47, Executive Director
Steve joined the Group in April 2008 as a director having previously worked for HM Crown Prosecution Service Inspectorate (2001 to 2006), Focus Central London (1999 to 2001), Business Link London City Partners (1997 to 1999) and OCE from 1994 to 1997. Steve has at various times worked as a consultant to a number of organisations. Steve is Chairman of the UK ISO/IEC 27001 User Group; an ISMS (&ITMS) Technical Assessor for UKAS, a role in which he assesses certification bodies offering ISO 27001 (&ISO 20000-1) accredited certification and Forensic Science Laboratories to the InfoSecurity aspects of the FSR Code; Chair Elect of IST/33, the UK committee that mirrors SC27 and is responsible for UK contributions to ISO 27001 ISO 27002 and related information and cyber security standards; and is a member of other standards committees responsible for privacy and IT Service. Steve has written a number of books relating to data protection and cyber security, including "ISO 27001, a pocket guide". Steve is responsible for managing a number of key customers and for technical matters for the Group.
Neil Roger Acworth, aged 43, Chief Information Officer
Neil joined IT Governance in 2012 as Chief Technology Officer and Chief Information Officer having previously worked at Featurespace where he was chief technology officer (2011 to 2012), Cambridge Assessment (2009 to 2011), Sequel Business Solutions Limited (2006 to 2008 and 1999 to 2004) and Close Brothers Treasury Services (2005 to 2006). Neil was appointed as a director of ITG in April 2017 and is responsible for the Group's information technology systems including its websites and Vigilant, the Group's software development subsidiary.
Richard (Ric) John Piper ACA, aged 65, Independent Non-Executive Director
Ric read Economics at Cambridge University and qualified as a Chartered Accountant in 1977. He held senior finance roles in ICI, Citicorp, Logica and WS Atkins, where he was group Finance Director from 1993 to 2002. He is currently chairman of Turbo Power Systems Limited and a non-executive of AIM-quoted Gattaca plc. In the last five years he has also been chairman of AIM-quoted Concepta plc and Lakehouse plc and a non-executive director of AIM-quoted Electron Technology plc and Turbo Power Systems, Inc, Precision Midstream plc, and Waterman Group plc. Ric is a partner at Restoration Partners and is a member of the Financial Reporting Review Panel.
Important Notice
This announcement is not for publication or distribution, directly or indirectly, in or into the United States of America, including its territories and possessions, any State of the United States and the District of Columbia (together, the "United States"). This announcement is not an offer of or solicitation to purchase or subscribe for securities in the United States. The securities referred to herein have not been and will not be registered under the US Securities Act of 1933, as amended (the "Securities Act"), or other securities laws of the United States, and may not be offered, sold, resold, delivered, distributed or otherwise transferred directly or indirectly except pursuant to a registration statement that has been declared effective under the Securities Act or in transactions exempt from, or not subject to, the registration requirements of the Securities Act or any other applicable securities laws of the United States. No public offering of securities is being made in the United States.
This announcement is only addressed to, and directed at, persons in member states of the European Economic Area who are qualified investors within the meaning of Article 2(1)(e) of the Prospectus Directive ("Qualified Investors"). For these purposes, the expression "Prospectus Directive" means Directive 2003/71/EC, as amended, and includes any relevant implementing measure in each member state of the European Economic Area, which has implemented the Prospectus Directive. In addition, in the United Kingdom, this announcement is addressed to and directed only at Qualified Investors who are (i) persons having professional experience in matters relating to investments, i.e., investment professionals within the meaning of Article 19(5) of the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005 (the "FPO"); (ii) high net-worth companies, unincorporated associations and other bodies within the meaning of Article 49 of the FPO; and (iii) persons to whom it is otherwise lawful to communicate it to. It is not intended that this announcement be distributed or passed on, directly or indirectly, to any other class of person and in any event, and under no circumstances should persons of any other description rely on or act upon the contents of this announcement.
ENDS.