OCF is an independent specialist in information assurance that helps organisations to reduce two key areas of risk:

 

• The risk of an information security breach, such as a loss of sensitive information or a malicious attack on an organisation’s IT systems leading to financial loss and/or a loss of reputation; and

• The regulatory risk of compliance with information security requirements such as the Payment Card Industry Data Security Standard (PCI DSS), Financial Conduct Authority (FCA), Gambling Commission, UK Government and NHS requirements.

What unites all our clients is their need for a cost-effective solution to their problem that comes from us not just knowing what they have to comply with, but knowing how to comply in a way that fits their business.

 

A key strength is that we have a deep understanding and wide experience of public sector information security requirements, having worked both with public sector organisations and suppliers to central government, the MOD, police forces and the NHS.

 

 

This expertise is built on the twenty plus years information security experience of our security consultants.  The value of this expertise is that we can guide suppliers to the public sector through the security accreditation process enabling them to get approval to operate their services as quickly and as cost-effectively as possible by following our pragmatic advice.  This expertise covers:

 

• The provision of IT services to Central Government and Agencies where the IT systems require security accreditation by the client Department or Agency;
• Accreditation of MOD systems and projects;
• Approval to connect to the Public Service Network (PSN) (GSi, GSX etc.);
• Accreditation of G-Cloud Services;
• Accreditation of IT services and systems for delivery to the NHS including the handling of Patient Identifiable Data and N3 connection.

 

We deliver all the services required for accreditation through our CESG Certified Risk Assessment and Risk Management Cyber Security Consultancy Services.  A key skill we provide is managing the accreditation process.  We understand what the accreditors want and we speak their language.