Advent IM Ltd

Data Protection, Privacy Management (ISO27701) & GDPR Services

Advent IM helps public sector organisations comply with the Data Protection Act (DPA), GDPR, ICO Privacy and Electronic Communications Regulations (PECR), and ISO27701 for privacy management of personal data within the UK and data off-shored overseas. Includes reviews of policies, procedures, DPIAs, ISAs/DSAs, IARs, FOI and SAR processes.

Features

• Data Compliance Checks and Audits against DPA, GDPR and PECR
• Writing, reviewing and updating Data Protection Policies and Procedures
• Data Protection Impact Assessments (DPIAs)
• Information/Data Sharing Agreements (ISA/DSA), Information Asset Register (IARs) reviews
• CCTV Policy and Strategy compliance with legislation and regulation
• Data Protection & GDPR Awareness Training
• Identifying DPA/GDPR Responsibilities when Off-shoring or using Cloud
• New/Emerging Directives advice: Data Protection and Digital Information Bill (DPDI)
• MyDataProtectionOfficer – outsourced DPO support and guidance
• Compliance with/certification to ISO27701 for Privacy Management

Benefits

• Integrated approach reducing duplication of effort and bureaucracy
• Mentoring approach ensures knowledge is transferred internally to client staff
• Tailored solutions, fit for purpose not out of a box
• Provision of agile, pragmatic and proportionate solutions
• Independent of product vendors
• Reducing risk of ICO fines, damaged reputation from security breaches
• Delivered by qualified and experienced Data Protection Practitioners
• Simplifying legal language with common sense solutions

£750 to £1,500 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julia.mccarron@advent-im.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

406830545005332

Contact

Julia McCarron
0121 559 6699
julia.mccarron@advent-im.co.uk

Planning

• Planning service: Yes
• How the planning service works: We assist with and can lead on the design and assurance of all UK and off-shore cloud hosting requirements covering Infrastructure-as-a-Service, Platform-as-a-Service and Software-as-a-Service deployments. Ensuring they comply with industry best practice security protocols (e.g. CSA Cloud Controls Matrix, NIST, ISO27017/ISO27018, etc), legislative and regulatory requirements (e.g. DPA 2018) and NCSC, HMG, MOD, Police and NHS standards/processes/guidance such as Secure by Design (SbD), NSCS CAF, NIST CSF, ISO27001:2002, GovAssure, Data Security and Protection Toolkit (DSPT). JSP440, JSP604, etc. This involves project initiation, discovery phases, reviews and assessments, document and policy creation and reporting and ensures security is embedded throughout the whole delivery lifecycle following either Agile/Scrum/Kanban/Waterfall delivery approaches. We identify cloud-based threats and vulnerabilities using various methodologies such as MITRE, IRAM2, STRIDE and OWASP to support risk analysis and then support the selection of appropriate controls to manage risk appropriately.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: We provide training to support the information security aspects related to cloud software and hosting including general awareness, DPA/GDPR, and role specific training such as Senior Information Risk Owner (SIRO), Information Asset Owners (IAO) - Essentials, Intermediate and Advanced and Cyber Security Awareness training for Business Leaders as well as PASF/TPAP training for Police and its suppliers. Many of our sources are CPD certified.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Security Assurance
  • Data Protection Consultancy
  • Business Continuity Consultancy
  • Physical Security Consultancy
  • Security Training
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: One full day consists of 7.5 hours exclusive of lunch and travel. Working week is considered as Monday to Friday exclusive of national holidays. Weekends are charged at twice the standard day rate. Standard office opening hours are 08:30 to 17:30 Monday to Friday exclusive of national holidays and the week between Christmas and New Year.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: All email correspondence to be acknowledged within 1 working day of receipt or by the end of the next working day if the query is received during a weekend, with an estimated date/time for any queries to be resolved.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: We are not providers or cloud software or hosting platforms so do not provide support in the traditional technical sense via a support desk. We do however provide consultancy support to our clients as part of our service delivery. We are available via Email, Teams, Phone, Onsite 9-5 Mon- Fri excluding national holidays and the week between Christmas and New Year. Support is dependent upon the nature of the requirement.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: British Assessment Bureau
• ISO/IEC 27001 accreditation date: 02/02/2024
• What the ISO/IEC 27001 doesn’t cover: No exclusions - whole organisation is covered
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • CISSP
  • CISM
  • ISO9001

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Advent IM is committed to creating a sustainable and inclusive working environment for staff and clients in order to optimise efficiencies and value for money in service delivery with social values part of our ethos and core values. Specifically, we have an Environmental Policy designed to reduce the impact on the environment and fight climate change. We are a paperless organisation, we deliver our services virtually where it is appropriate to do so to reduce travel impact through noise and pollution emissions. We also use public transport where it is appropriate to do so to reduce emissions. We recycle waste and procure materials from renewable sources where possible.

  Covid-19 recovery

  Advent IM is committed to creating a sustainable and inclusive working environment for staff and clients in order to optimise efficiencies and value for money in service delivery with social values part of our ethos and core values. Specifically, Advent IM provides wellness and well-being support to staff who are affected either directly or indirectly by COVID and for any other mental health issue they may encounter. We provide flexible, remote working options. We have 2 long-covid sufferers within our team and have provided compassionate leave to attend clinical sessions designed to understand the effects of long covid and drive improvements in treatment. We provide all staff with access to a Wellness App to aid recovery.

  Tackling economic inequality

  Advent IM is committed to creating a sustainable and inclusive working environment for staff and clients in order to optimise efficiencies and value for money in service delivery with social values part of our ethos and core values. Specifically, we are fully supportive of reducing economic inequality and are committed to ensuring that we are able to achieve this through our business operations and delivery of our services. This includes creating employment and training opportunities accessible to all members of society, including underrepresented groups and disadvantaged socio-economic areas; ensuring no gender wage gap exists within the organisation; sourcing local suppliers to support the local community helping build a stronger economic environment as well as fostering opportunities for growth.

  Equal opportunity

  Advent IM is committed to creating a sustainable and inclusive working environment for staff and clients in order to optimise efficiencies and value for money in service delivery with social values part of our ethos and core values. We fully support the aims of the Equality Act 2010 to promote equal opportunities and fairness for employees, job applicants, clients and partner organisations which we apply through our Equal Opportunities Policy. We are committed to providing a working environment where the rights and dignity of all is respected, and which is free from discrimination, prejudice, intimidation and all forms of harassment and bullying. We are committed to ensuring that all of our employees, job applicants, clients and partner organisations are treated fairly and equally.

  Wellbeing

  Advent IM has a culture of putting the well-being of its staff first as a happy workforce makes for successful business. The work life balance for us is very important and we put in place processes to ensure that is maintained including a flexible remote/hybrid working environment. Our departmental heads have an open door policy for their teams and we offer flexible support when staff are affected by personal issues beyond their control. We provide all staff with access to a Wellness App to aid with any form of wellbeing issue. We provide an Employer Support Volunteering Scheme which is proven to assist individuals with mental health struggles. We support the Armed Forces Covenant and offer employment opportunities and support to those who serve/served in the armed forces.

Pricing

• Price: £750 to £1,500 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at julia.mccarron@advent-im.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.