2MG SOLUTIONS LTD

Risk and Compliance Assessment

Risk and Compliance Service offers a comprehensive solution focused on managing both operational risks and cybersecurity threats. This service ensures that healthcare organisations comply with relevant regulations and maintain operational resilience. Our consultants are highly experienced in threat assessment and risk analysis and have conducted studies across multiple organisations.

Features

• Actively manage security risks.
• Alignment to Government and NCSC policies.
• Customised risk assessment methodologies and tools.
• Supports effective risk management and treatment.
• Security risk assessment associated with healthcare IT operations.
• Security architecture design
• Detailed vulnerability reports
• Security risk reviews and analysis
• Regular audits to ensure ongoing compliance.
• Providing training and advisory expertise for the IT staff.

Benefits

• Understanding of risk assessment process throughout the organisation
• Advice and guidance to ensure compliance with industry best practice
• Expert business engagement and awareness of cyber security risks
• Protect company intellectual property and financial data
• Protection from internal and external cyber security threats
• System-driven and component-driven risk assessments
• Optimised and manageable threat and risk assessment frameworks

£250 to £650 an instance a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@2mgsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

279142194653989

Contact

Marcin Glanc
020 3878 3900
sales@2mgsolutions.com

Planning

• Planning service: Yes
• How the planning service works: Risk Assessment and Initial Planning: 1-2 months.; Strategy Development and Implementation: 2-3 months.; Ongoing Monitoring and Adjustments: Continuous, with annual reviews. (Note: Implementational Planning and Timeline is a customised service, based on individual customer's scope and objectives); ; Our team starts with gaining an understanding of the business objectives, risk appetite, timeframe and budget prior to producing a detailed implementation roadmap. The assessment of the cloud environment will be conducted in accordance with National Cyber Security Centre guidance and customer requirements.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: 2MG Solutions provides training sessions and advisory services to enhance the risk management capabilities of IT staff. 2MG Solutions adopt a model where they are integrated into the operational team to ensure the implementation lifecycle is adhering to operational processes in a specific organisation. Our approach is aimed to maximise training, train the trainer and knowledge transfer across the lifecycle, typically ending in an operational acceptance testing and formal handover process with an option for early life support.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Service allows to move application management and deployment to the cloud, providing access to cloud tools and deployment technologies.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: QAT testing is included in the service. UAT testing is coordinated with users nominated by customers.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications: Other
• Other security testing certifications: CEH EC-Council

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Custom addition to the service, individually agreed with each customer

Service scope

• Service constraints: -

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Custom element of the service, individually agreed with each customer.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Individually agreed with each customer depending on level of service purchased.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: NQA
• ISO/IEC 27001 accreditation date: 05/04/2022
• What the ISO/IEC 27001 doesn’t cover: -
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  By evaluating risks associated with environmental sustainability practices, these assessments can identify opportunities for reducing carbon emissions and promoting eco-friendly healthcare practices, contributing to the fight against climate change.

  Covid-19 recovery

  Assessing risks related to pandemic response measures helps identify gaps in healthcare systems and enables the implementation of effective strategies for mitigating the spread of Covid-19, facilitating faster recovery and improved public health outcomes.

  Tackling economic inequality

  Risk and Compliance assessments ensure that healthcare resources are allocated efficiently, minimising wastage and optimising cost-effectiveness. This helps address economic inequalities by ensuring equitable access to healthcare services and maximising the impact of available resources.

  Equal opportunity

  By identifying and addressing compliance gaps that may hinder equal access to healthcare services, these assessments promote inclusivity and ensure that all individuals have fair and equal opportunities to receive quality care, regardless of their background or circumstances.

  Wellbeing

  Assessing risks related to data security and patient privacy safeguards individuals' wellbeing by ensuring the confidentiality and integrity of their personal health information, thereby fostering trust in the healthcare system and promoting peace of mind among patients.

Pricing

• Price: £250 to £650 an instance a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@2mgsolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.