CGI

Cyber Security in the Supply Chain

As cyber attacks are more sophisticated, criminals increasingly attack not just prime organisations, but exploit vulnerabilities in the supply chain, targeting partners and suppliers. Our services help organisations prioritise their supply chain and provide assurance of the suppliers' prepardness from cyber security attacks.

Features

  • Identify all suppliers within the chain and assign criticality rating
  • Assess risks providing a balanced approach to secure supply chain
  • Improve security assurance across the whole of the supply chain
  • Analyse data in the chain to focus on high risks
  • Develop policies providing controls to balance the level of risk
  • Provide security assurance through the business and corporate environment
  • Protect the end-to-end business in order to operate with confidence
  • Monitor performance and ensure compliance against legal and regulatory standards
  • Sectors:Justice, Policing, Prosecution, Courts, Prisons, Probation, Central Government, Education,

Benefits

  • Reduction in the number of security breaches
  • Clearer understanding by the suppliers on their obligations for compliance
  • Effective monitoring of client's total supply base
  • Heightened cyber awareness
  • Staff motivated to 'Protect the Business'

Pricing

£725 to £1,498 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk.gen.ccsframeworks@cgi.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

2 3 5 5 5 7 3 0 3 7 8 5 3 9 3

Contact

CGI CCS Frameworks Team
Telephone: 08450707765
Email: uk.gen.ccsframeworks@cgi.com

Planning

Planning service
No

Training

Training service provided
No

Setup and migration

Setup or migration service available
No

Quality assurance and performance testing

Quality assurance and performance testing service
No

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
Certified security testers
Yes
Security testing certifications
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme

Ongoing support

Ongoing support service
No

Service scope

Service constraints
The scope of the service can be as wide or as narrow as the client sees fit. We will work with clients to ensure that there is pragmatic approach taken and that any client constraints are fully explored.

User support

Email or online ticketing support
No
Phone support
No
Web chat support
No
Support levels
This service does not provide support

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Intertek Certification Limited
ISO/IEC 27001 accreditation date
07/04/2021
What the ISO/IEC 27001 doesn’t cover
Nothing. The certification covers "The provision of outsourcing, project and consultancy services including development and delivery activities plus the management of people, technologies and physical security in accordance with the Statement of Applicability version 6, dated 24th August 2020."
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Social Value

Fighting climate change

Fighting climate change

CGI is passionate about protecting the environment. Our UK corporate policy, backed by Science Based Targets (SBTs), is to be Net Zero by 2026 and to be operationally Carbon Neutral by the end of 2022.

We commit to:
- Achieving Net Zero, based on SBT measures, no later than 2026.
- Extending the climate change commitment into our supply chain such that 50% of our suppliers, by spend, will have set their own SBTs to reduce their climate impact by 2026.
- Applying our environmental programme ‘No Planet B’ to each opportunity. As part of ‘No Planet B’ we engage with our members, clients, suppliers and communities, to identify and deliver additional benefits including tree planting and canal restoration projects.

We have appointed a UK programme manager to deliver against our Net Zero targets. Alongside our absolute emission targets for operations (Scope 1 and 2) and business travel (Scope 3), we have set a supplier engagement SBT. We will engage with and support all UK suppliers ensuring they are on a Net Zero journey. We will include clients and suppliers in our No Planet B programme to collaborate and develop new initiatives aligned with their priorities.

A contract specific Sustainability Plan and reporting metrics will be developed for each engagement, aligned to the targets in our overall Carbon Reduction plan. Using established data gathering and reporting processes, we will report annually against our commitments and metrics.

Improvement plans will be driven in part by the reporting metrics and feedback from clients and suppliers. We find that our ‘No Planet B’ initiative is the biggest source of innovation.

We are proud of our Net Zero ambitions. With SBTs, contract specific sustainability plans, our reporting commitments and involvement in our ‘No Planet B’ programme, our approach and progress will be fully visible.

Pricing

Price
£725 to £1,498 a unit a day
Discount for educational organisations
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at uk.gen.ccsframeworks@cgi.com. Tell them what format you need. It will help if you say what assistive technology you use.