Skip to main content

Help us improve the Digital Marketplace - send your feedback

Sapphire

The Digital Operations Resilience Act (DORA)

Digital Operations Resilience Act (DORA) is an EU regulatory framework designed to enhance the operational resilience of organisations within the financial sector. It provides a comprehensive approach to addressing security challenges and risks posed by the evolving threat landscapes and ensuring safeguards are in place to mitigate and respond.

Features

  • DORA's aligned with the wider EU Network and NIS2 regulations.
  • Financial entities need to be complaint by 17th January 2025.
  • DORA requires resilience with accountability at Senior Management level.
  • Conduct a Gap Analysis against five key areas of compliance.
  • Developing a DORA based security improvement plan before the deadline.
  • DORA has added Threat-Led Penetration testing as a mandatory requirement.
  • Incident response planning, management and reporting must be documented.
  • Implement regular testing and audits to assess security controls.
  • Implement regular testing and audits to assess security controls.
  • Understanding the threats to CIFs or their related assets, dependences.

Benefits

  • Ensuring financial entities have robust risk management processes.
  • Identify, protect, detect, respond and recover from ICT related incidents.
  • Understand the impact of ICT disruptions.
  • Mandate the reporting of significant cyber incidents and responses.
  • Supervising the relationship between financial entities and third-party providers.
  • Develop a robust Risk Management process.

Pricing

£990 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at katie.smith@sapphire.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

2 9 3 0 0 2 1 7 9 7 5 2 7 1 8

Contact

Sapphire Katie Smith
Telephone: 0845 58 27001
Email: katie.smith@sapphire.net

Planning

Planning service
No

Training

Training service provided
Yes
How the training service works
Vulnerability assessment and remediation end user training. All training can be bespoke and tailored to the clients requirements.
Training is tied to specific services
No

Setup and migration

Setup or migration service available
No

Quality assurance and performance testing

Quality assurance and performance testing service
No

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
Certified security testers
Yes
Security testing certifications
  • CHECK
  • CREST
  • Cyber Scheme
  • Other
Other security testing certifications
Cyber Essentials Technical Auditor (CE+)

Ongoing support

Ongoing support service
No

Service scope

Service constraints
None, as the service will be defined during the project scope.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Monday to Friday 9x5 e-mail helpdesk support support@sapphire.net or 0845 58 27999. Questions are typically answered within 4hrs.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Support levels
"
Level 1 - Sapphire Helpdesk The first point of escalation should always be the Sapphire HelpDesk and escalation must be separate from the initial call to log the fault. The Cloud customer must obtain a case reference number for the fault. Level 2 - Sapphire Professional Services Manager This is the second point of escalation in the event of the HelpDesk being uncontactable or an increase in call priority being required. The Cloud customer should quote the case reference number provided. Level 3 - Sapphire Business Services Director This is the third point of escalation in the event of the Manager being uncontactable or a further increase in call priority being required."

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Security Clearance (SC)

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
SGS
ISO/IEC 27001 accreditation date
12/09/2023
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Equal opportunity
  • Wellbeing

Fighting climate change

We make sure that we recycle where we can and take appropriate modes of transport to get to clients. Our offices in Darlington and Glasgow are easily accessible by public transport meaning that many of our colleagues go to an office by these means. For other colleagues, we offer remote working, and colleagues are able to attend an office when they need We are pricing our services to encourage customers to prefer remote access and remote working where possible. One of Sapphire staff is undertaking a part time PHD studying the carbon consequences of cyber crime and it’s mitigation which is inclusive of Sapphire customers and partners.

Covid-19 recovery

We have encouraged our staff back to office working especially in the SOC which runs 24*7 shift patterns. We have recently engaged in local communities by hiring space in local charity buildings for company meetings as in house face to face meetings. We have performed pro-bono work with charities to check their security status and help them move onwards from Covid in the face of increased cyber attacks on charities.

Equal opportunity

We have an Equal Opportunities policy which everyone in Sapphire adheres to. We are currently at 29% of females in our organisation, a number that has grown over the last few months. Our recruitment processes allow us to interview the best people for the roles we have available, and we insist on 50:50 short-lists for all roles. We value the views of others and see as a strength our openness to challenge. We have recently employed further military reservists giving them the opportunity to be deployed overseas helping HM Government. Recently we have signed documentation to join the NCSC Cyber First scheme to help young people especially women and girls to join the ranks of cyber professionals. We also mentor young people who are keen to move into cyber at some stage in their career.

Wellbeing

We take the wellbeing of our colleagues seriously; we offer an Employee Assistance Programme, have health cover, a pension scheme and Life Cover. We also provide opportunities for colleagues to Give Back to local projects/schemes and they can use a day a year to do this.

Pricing

Price
£990 a unit a day
Discount for educational organisations
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at katie.smith@sapphire.net. Tell them what format you need. It will help if you say what assistive technology you use.