TORO RISK SOLUTIONS - GLOBAL LIMITED

Business Services

IT & cybersecurity managed services & consultancy. Security assurance, Certifications: ISO 27001, Cyber Essentials, CE+ certifying body, vCISO Board advisory, penetration testing, Red Team, digital forensics, cyber audit & review, training, cyber incident response, crisis management, phishing, project & programme management, OSINT investigations, due diligence, physical security & risk management.

Features

• Highly professional quality focused
• A bespoke client-first approach
• UK Government SC & DV clearances
• Trusted 3rd party assurance risk management partner to HMG
• 24/7
• Delivered by our in-house UK-based team
• Security at the core of everything we do
• An innovation & values-based culture

Benefits

• Cost effective & efficiency savings
• Risk reduction
• Improved security
• Enhanced privacy
• Employee wellbeing
• Market entry
• Prevent a data breach
• Respond effectively & return to BAU
• Reduce insurance premiums
• Reassure customers

£350 to £1,500 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamesf@torosolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

271459068037698

Contact

Peter Connolly
+44 2081329267
jamesf@torosolutions.co.uk

Planning

• Planning service: Yes
• How the planning service works: Project budget - Toro’s solution will be monitored against a detailed project plan to check that activities and tasks are conducted as envisaged, on time and to budget. Finances are carefully monitored by tracking spend against the project budget on a weekly basis so we can quickly see where spend may be under or over predictions and address this swiftly.; ; Work planning & progress – The project plan provides a clear structure for tasks, activities, resources and responsibilities. The project manager will work to the plan and ensure that activities operate as expected – if not, these issues can quickly be addressed.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • Microsoft Office 365
  • Software support
  • Maintaining access to data, systems & services
  • Single sign on (SSO)
  • SharePoint migration
  • Integration and compatibility support
  • Website development
  • Fully managed website hosting & maintenance
  • BYOD Management

Training

• Training service provided: Yes
• How the training service works: Microsoft Office 365,; SharePoint,; SIEM,; Incident Response,; Google Workspace,; Phishing,; Penetration Testing,; Code review.
• Training is tied to specific services: Yes
• Services the training service works with:
  • Qualys
  • Microsoft Office 365
  • Microsoft Entra ID (formerly Azure AD)
  • Firewall management
  • Intrusion detection and response

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Microsoft Office 365 setup, expansion and DNS Changes,; Microsoft Entra Connect (Azure AD Connect) configuration,; Setup SharePoint – Configuration, testing,; Setup Communications site with team sites,; Use SharePoint Migration Tool (SPMT) to migrate data to SharePoint Doc Libraries,; File Migration to Azure Files and SharePoint – structure, permissions, testing,; Setup of Azure Resource Group,; Setup of Storage account,; Setup and configuration of Azure PAAS,; Setup and configuration of client VPN and SASE solutioning; Azure Backup setup and configuration, restore testing,; Configure Azure Backup utility to backup the Azure file shares,; Azure File Sync install and configuration,; Training in Microsoft Office 365.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Ensuring that we utilise the right people. Our team are outstanding industry leaders in their field with decades of experience and the necessary qualifications.; ; Directing approach to ensure consistent standards of work. Our Quality Management Policy mandates how tasks will be undertaken, sets out standards for deliverables and stipulates where responsibilities lie.; ; Promoting a culture of responsibility and accountability. Our teams know what is expected of them and where their responsibilities start and end.; ; Continuous improvement is a fundamental principle in our business management system and risk management framework.; ; We provide assessment, reflection and feedback mechanisms to inform us of any improvements we can make to our policies, procedures and practices.; ; As part of our risk management framework, all staff are responsible for identifying and owning risks and opportunities. This culture of responsibility means that owners are identified and accountable for handling an issue until resolution.; ; At a project level, quality assurance is achieved by determining quantitative and qualitative monitoring, reporting, learning and evaluation. Toro utilises surveys, discussions, online polls, debrief engagements and testimonials with its partners and project stakeholders to ensure that we have a live understanding of how our work is received, enabling us to adjust as required.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: Cyber Scheme

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by a third-party organisation
• How the support service works: 1st, 2nd, 3rd line IT support; Vulnerability management

Service scope

• Service constraints: No

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: P1, High, Immediate action necessary to mitigate current malicious activity / high potential for incident if preventative action is not taken. Respond within 1 hour.; ; P2. Medium. Low potential for incident. Respond within 24 hours.; ; P3. Low / Informational. A monitoring threshold has been exceeded. Informational or maintenance type activities. Respond within 48 hours.; ; Routine support Monday to Friday 9am - 5pm
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: WCAG 2.1 AA or EN 301 549
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: WCAG 2.1 AA or EN 301 549
• Web chat accessibility testing: Freshdesk
• Support levels: P1. High. Immediate action necessary to mitigate current malicious activity / high potential for incident if preventative action is not taken. Within 1 hour.; ; P2. Medium. Low potential for incident. Within 24 hours.; ; P3. Low. A monitoring threshold has been exceeded; Informational or maintenance type activities. Within 48 hours.

Resellers

• Supplier type: Reseller providing extra support
• Organisation whose services are being resold: CybSafe, Qualys, Microsoft, CrowdStrike, Sophos

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 27/07/2023
• What the ISO/IEC 27001 doesn’t cover: Whole company in scope
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Economic inequality creates social problems such as access to healthcare and education, decent work, gender-based violence, institutional racism, and youth unemployment.; ; We create a working environment free of bullying, harassment, victimisation and unlawful discrimination, promoting dignity and respect for all, and where individual differences and the contributions of all staff are recognised and valued.; ; Encourage equality, diversity and inclusion in the workplace as they are good practice and make business sense.; ; Provide equal opportunities in employment, and prevent bullying, harassment, victimisation and unlawful discrimination.; ; Take seriously complaints of bullying, harassment, victimisation and unlawful discrimination by fellow employees, customers, suppliers, visitors, the public and any others in the course of the organisation's work activities.; ; Further, sexual harassment may amount to both an employment rights matter and a criminal matter, such as in sexual assault allegations. In addition, harassment under the Protection from Harassment Act 1997 - which is not limited to circumstances where harassment relates to a protected characteristic - is a criminal offence.; ; Provide training, development and progress available to all staff, who will be helped and encouraged to develop their full potential, so their talents and resources can be fully utilised to maximise the efficiency of the organisation.; ; Review employment practices and procedures when necessary to ensure fairness, and also update them and the policy to take account of changes in the law.; ; Monitor the make-up of the workforce regarding information such as age, sex, ethnic background, sexual orientation, religion or belief, and disability in encouraging equality, diversity and inclusion, and in meeting the aims and commitments set out in the equality, diversity and inclusion policy.; ; Monitoring will also include assessing how the equality, diversity and inclusion policy, and any supporting action plan, are working in practice, reviewing them annually, and considering and taking action to address any issues.

Pricing

• Price: £350 to £1,500 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at jamesf@torosolutions.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.