Ascentor Ltd
Cyber Security for your Project
Experienced and qualified cyber security experts to support all aspects of cyber and information security. Domain specialists in: Secure by Design, information security, security architecture, cyber resilience, supply chain. Information security standards: ISO27001, NIST Cyber Security Framework, NIST 800 series, ISO22301, GovS007, JSP 440, JSP 604, MS Good, Better, Best.
Features
- GRC and Risk Advisor Consultants
- Security Architect - cloud, hybrid and on prem
- Significant experience and success delivering cyber and information security services
- Security Cleared (as a minimum), highest levels of integrity
- Impartial and vendor neutral
- All Consultants have thorough project management experience
- Experienced Secure by Design consultants
- Significant experience of supply chain security
- Significant experience of deploying M365 in OFFICIAL-SENSITIVE environments
- Effective delivery to time, cost and quality objectives
Benefits
- Professional information and cyber security knowledge and expertise
- Determine the cyber and information security risks to IT systems
- Develop technical and non-technical solutions to mitigate information security risks
- Have assurance your IT systems are secure
- Improve your business resilience
- Operate your business with confidence in the 21st century
- Treat cyber security risks holistically
- Use information risk management to identify optimised security spend
Pricing
£785 to £1,230 a unit a day
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at dave.james@ascentor.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.
Framework
G-Cloud 14
Service ID
1 0 8 4 6 6 0 5 4 3 0 1 4 2 5
Contact
Ascentor Ltd
Dave James
Telephone: 01452 881712
Email: dave.james@ascentor.co.uk
Planning
- Planning service
- Yes
- How the planning service works
- Develop a project plan with the organisation highlighting the security activities and artefacts. Plan will likely include; Analysis of business requirements to produce a data map to understand the value of the information to be protected and the data attributes (e.g classification, impact of compromise, where it is hosted, how it is accessed, how it is protected). From the data map develop a risk based approach to identifying the optimal security objectives or security baseline. Work with implementation teams to define security controls to meet security objectives. Define security testing and manage production of any 'get well plan'. Develop the operational security activities to ensure security baseline is maintained. Document the security outcome in a security case highlighting the residual risks to be accepted by the business.
- Planning service works with specific services
- No
Training
- Training service provided
- Yes
- How the training service works
- In most cases where users interact with ICT systems there will be a set of user Security Operating Procedures (SyOPs). As part of a transition to cloud delivered services users must be trained in the SyOPs in order to maintain the security baseline. We can develop and deliver specific SyOP training to all users.
- Training is tied to specific services
- No
Setup and migration
- Setup or migration service available
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- No
Security testing
- Security services
- Yes
- Security services type
-
- Security strategy
- Security risk management
- Security design
- Cyber security consultancy
- Security testing
- Security audit services
- Certified security testers
- Yes
- Security testing certifications
-
- GBEST
- CHECK
- CREST
- Tigerscheme
- Cyber Scheme
Ongoing support
- Ongoing support service
- No
Service scope
- Service constraints
- No constraints
User support
- Email or online ticketing support
- No
- Phone support
- No
- Web chat support
- No
- Support levels
- Support is provided by a dedicated account manager who will be the point of contact for all support requests.
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Developed Vetting (DV)
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Centre for Assessment
- ISO/IEC 27001 accreditation date
- 12/12/2023
- What the ISO/IEC 27001 doesn’t cover
- Anything related to our Facility Security Clearance, Industry Personnel Security Assurance and information classified above Official-Sensitive
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- Yes
- Any other security certifications
- IASME Cyber Assurance Level 2
Social Value
- Social Value
-
Social Value
- Fighting climate change
- Covid-19 recovery
- Tackling economic inequality
- Equal opportunity
- Wellbeing
Fighting climate change
Provision of EV’s as a fleet car, and salary sacrifice scheme made available for all UK staff to access, with the intention to roll out an EV scheme offering across the Group globally.Covid-19 recovery
Hybrid working is now a core working policy across the Group, with the IT infrastructure supplied to all employees. We also still operate blended delievery which gives consultants the opportunity to work remotely for part of their work should it be required by the client.Tackling economic inequality
Investing in opportunities for skills development through internal training schemes. Ensuring salaries are benchmarked fairly and people are remunerated in line with the role and region. Paying above minimum wage in all regions Providing access to healthcare benefits Inclusivity in recruitment and selectionEqual opportunity
1. We will actively support diversity and inclusion and ensure that all our employees are valued and treated with dignity and respect. We want to encourage everyone in our business to reach their potential. 2. We recognise that discrimination is unacceptable and although equality of opportunity has been a long standing feature of our employment practices and procedure, we have made the decision to adopt a formal equality, inclusion and diversity policy. Breaches of the policy will lead to disciplinary proceedings and, if appropriate, disciplinary action. 3. The aim of the policy is to ensure no job applicant, employee or worker is discriminated against either directly or indirectly on the grounds of age, disability, gender reassignment, marriage and civil partnership, pregnancy or maternity, race, religion or belief, sex or sexual orientation. 4. We will ensure that the policy is circulated to any agencies responsible for our recruitment and a copy of the policy will be made available for all employees and made known to all applicants for employment. 5. The policy will be communicated to all private contractors reminding them of their responsibilities towards the equality of opportunity. 6. The policy will be implemented in accordance with the appropriate statutory requirements and full account will be taken of all available guidance and in particular any relevant Codes of Practice. 7. We will maintain a neutral working environment in which no employee or worker feels under threat or intimidated.Wellbeing
Employee Assistance Programme across all platforms Healthcare and benefits options available to staff across the Group Mental Health Champions in the UK
Pricing
- Price
- £785 to £1,230 a unit a day
- Discount for educational organisations
- No
Service documents
Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format,
email the supplier at dave.james@ascentor.co.uk.
Tell them what format you need. It will help if you say what assistive technology you use.