Zenzero

Security Consultancy - Discovery

The GRC Consultancy Team work to clarify knowledge and understanding of a client's organisation, their functions, and system(s). This includes discovery assessments & analysis of something to confirm status regarding gaps / risks / issues of cloud security in relation to organisational processes.

Features

• Information discovery for security control maturity or gaps in capabilities
• Gap analyses against key security standards to check alignment
• Maturity assessments against the capability maturity model for cloud security
• Frameworks include ISO27001, NCSC 10 Steps, NIST CSF, CSA CCMv4
• Documentation review, workshops, and technical configuration reviews to capture information
• Analysis of findings to highlight risks and recommend remediation actions
• Robust reporting clearly displaying strengths, weaknesses, and recommendations for improvement
• Deconstruction of issues to find effective solutions and activity roadmaps
• Assessments to identify threats, supplier risks, or data protection requirements
• Close coordination with clients to meet specific needs and objectives

Benefits

• Gains clarity from complexity for current company security posture
• Surfaces information paramount to help make executive decisions on security
• Visibility of current status for comparison with future state
• Qualified, experienced professional consultants identifying current strengths and weaknesses
• Deconstructs relationships between people, process and technology for future optimisation
• Information used to develop prioritised roadmaps for future improvement activities
• Formal reporting provides point-in-time evidence of objective security assessments
• Captures information from all business areas often not otherwise identified
• Analyses root cause of security risks to determine best solution(s)
• Helps to profile businesses to identify best protection against threats

£800 to £1,250 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@zenzero.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

197703344514926

Contact

Adam Crossling
03333209900
hello@zenzero.co.uk

Planning

• Planning service: Yes
• How the planning service works: To complete activities for Discovery Assessments, Zenzero consultants will need key information from the Client to get a clear picture of the organisation. Setting up the prerequisites includes mutual identification of:; • Documentation that provides contextual information on security controls and risk appetite of the Client organisation for Desktop Review; • Client personnel relevant for interviews / workshops for Onsite/Remote Reviews; • Systems (line-of-business applications etc.) in scope of Systems / Configuration Review ; The setup of prerequisites enables both Zenzero and Client to align resources (personnel and artefacts) to a schedule of activities, enabling an efficient engagement to be delivered. Once all these resources have been confirmed as established, the engagement can begin to be delivered.; All information gathered from assessments will be utilised in the future planning of cloud support and implementation services.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Cyber security consultancy
  • Security incident management
  • Security audit services

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: N/A

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: N/A

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 28/09/2023
• What the ISO/IEC 27001 doesn’t cover: All sites outside of London & Coventry.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • ISO 27001 Lead Auditor
  • ISO 27001 Lead Implementer
  • ISACA Certified Information Security Manager (CISM)

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Zenzero is actively engaged in Environmental, Social, and Governance (ESG) work, demonstrating a strong commitment to sustainability and ethical practices. They are in the final stages of being a certified B Corporation, which means they meet high standards of social and environmental performance, accountability, and transparency. As part of their ESG efforts, Zenzero has joined the Tech Zero taskforce, aligning with other tech companies to tackle the climate crisis and drive progress towards net zero carbon emissions. They have pledged to become carbon neutral by 2027 and are implementing measures such as an electric vehicle salary sacrifice scheme and cycle to work schemes to reduce their travel emissions

Pricing

• Price: £800 to £1,250 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at hello@zenzero.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.