Protection Group International Limited

GDPR and DPA (2018) services

PGI's Information Assurance practice can support your organisation with the protection of your data and ensure compliance with the GDPR/DPA. Compliance indicates your organisation's commitment and ability to protect its data assets which contain PII.

Features

• Gap analysis between your organisation and the Regulation
• Information risk management and assets
• Policy and procedure review and creation
• Review of Privacy Notices
• Assistance with completion of Personal Data Register Template
• Assistance with completion of Data Protection Impact Assessments
• Development of procedures for managing requests from data subjects

Benefits

• Reduces the risk of fines from the Information Commissioner's Office
• Improved response times to customer privacy requests
• Enables prioritization of spending on key areas based on risk
• Standardised documentation and processes for dealing with enquiries

£675 to £1,500 an instance a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pgitl.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

240340561714946

Contact

Mike Tipson
020 4566 6600
bidteam@pgitl.com

Planning

• Planning service: Yes
• How the planning service works: Our Information Assurance experts would work closely with you to understand organisational requirements, then develop a programme that meets your needs in an appropriate timescale.; ; We will help you to establish, document and justify the personal data processing activities that are performed by your organisation.; ; Our consultants are equipped with a practical understanding of data protection legislation and its application. This means that we can provide reassurance that your processing activities are lawful, justified and appropriately documented.; ; PGI consultants’ expertise in data protection legislation means they can accurately assess your organisation’s current levels of compliance and provide pragmatic recommendations.; ; With our help, a gap analysis can be performed more efficiently and effectively than by internal staff, who are likely to hold other responsibilities, and may not be as familiar with the requirements of the Data Protection Act and the GDPR.; ; Our expertise and experience can help you devise an effective continuous improvement programme that is appropriate for your organisation. We provide you with specialist knowledge and resource capacity, enabling your workforce to concentrate on core operations.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: PGI’s Information Assurance Team delivers training on all aspects of data protection and the General Data Protection Regulation (GDPR). ; ; Our experienced consultants use real life scenarios to help provide context and enhance delegates’ understanding of the various requirements of the Regulation. ; ; Our operational trainers are qualified, relied upon and have worked for organisations in critical national infrastructure, government, corporate, charity and small-to-medium enterprises to help restore their systems which adds significant value to delivery of training, contextualised through real-life scenarios.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: PGI's experts would work with you to understand your requirements and to help you determine the most appropriate location for the services required. These could be hosted on premise or elsewhere, and PGI will work with the client to ensure that all appropriate security measures are considered.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: In a similar manner to Business Continuity and Incident Response testing, our team would work with you to test and refine the various process related to GDPR/DPA, including how your organisation deals with personal data queries. This will give you confidence that your procedures are practical, fit for purpose, and that your workforce know what is expected of them.; ; With our support, your organisation can be assured that control measures implemented are pragmatic, and provide the appropriate levels of assurance.; ; As an example, PGI's consultants can apply their expertise to develop data protection related policies, procedures and privacy notices, build registers of processing activities, and perform Data Protection Impact Assessments (DPIAs).; ; Engaging with us allows an independent and unbiased view of the suitability of the controls being implemented.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CREST
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • General Data Protection Regulation (GDPR) Practitioner
  • Certified Information Security Manager
  • Certificate in Information Security Management Principles
  • Certificate in Information Security Management Principles
  • ISO 27001 Certified ISMS Lead Auditor
  • PCI QSA
  • CDCAT Practitioner
  • CompTIA Network+
  • CompTIA Security+
  • CompTIA Advanced Security Practitioner

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: PGI are happy to provide ongoing support to organisations, either in developing GDPR compliant practices or in maintaining them on a continuous basis. This may be achieved by providing resource regularly on site , or could be through remote support and conference calls, depending on client requirements.

Service scope

• Service constraints: PGI have no constraints on the services we provide. Work can be carried out on site or remotely, depending on client requirements.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Responses will normally be within one working day, unless in the middle of an incident / project when response times will usually be quicker. Weekend response times may be different, depending on contractual requirements.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support levels would be agreed on a project by project basis. Cost for support will be determined based on client requirements. Typically each client will be assigned a lead contact, who may be one of PGI's consultants or may be part of the sales team. This will depend on the nature of the project being undertaken.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 28/04/2022
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: CREST

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  PGI is an equal opportunity employer, with a strong focus on Diversity, Equity and Inclusion.

  Wellbeing

  PGI provides staff with support across mental and physical health.

Pricing

• Price: £675 to £1,500 an instance a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bidteam@pgitl.com. Tell them what format you need. It will help if you say what assistive technology you use.