Meeting Public Sector Security Requirements

 

This consultancy service encompasses the information security advice for the accreditation of information systems within the public sector including Central Government, MOD, Government Agencies, Local Authorities, NHS and Police.

 

The services we provide include:

• Development of risk assessments in accordance with HMG requirements
• Development of security architectures and the provision of expert security advice to meet HMG requirements
• The development of Risk Management and Accreditation Documentation Sets (RMADS)
• The implementation and audit of ISO 27001 Information Security Management Systems - a key requirement for the management of information security in public sector systems
• The development and implementation of specific policies meeting HMG requirements such as policies for cryptography, protective monitoring, incident management and IT and media disposal
• The development of Privacy Impact Assessments meeting the Information Commissioner's guidelines to inform the legal, security and data handling requirements for the processing of personal data as well as the development of Data Protection policies and procedures
• The development of documentation for PSN and G-Cloud accreditation

We have a strong track record of delivering expert security advice both to public sector clients and to providers of services to the public sector.  We are thoroughly familiar with both the requirements of the Security Policy Framework (SPF), the MOD’s JSP 440 and the requirements for connection to the Public Services Network (PSN) and G-Cloud Accreditation.  We have also worked extensively for both NHS clients and for information system providers to the NHS. We have CESG Certified Security Professionals who have some twenty years experience of delivering security advice to HMG, NHS and MOD projects who can provide a practical interpretation of the requirements.