BSI PROFESSIONAL SERVICES (UK) LIMITED

BSI Digital Trust - Digital Risk and Advisory (DRA) Service

BSI Digital Risk Advisory (DRA) will support you in counteracting the threat of global cybercrime. We have invested in expanding our global expertise to provide services to meet your business' needs and enable a focused response to cyber threats and improve resilience around your critical information and IT infrastructure

Features

• GovAssure Readiness & NCSC CAF Self-Assessment Validation Support for all
• Compliance & Advisory Support to Digital Risk Regulation & Legislation
• Threat Analysis & NIST Cyber Posture Maturity Assessment
• Comprehensive ISO/IEC 27001:2022 & SOC II Type 2 Support
• Virtual Chief Information Security Officer and Breach Resilience Strategy Consultation
• Security Assurance Services by UK CSC Chartered Consultants
• Governance & Risk Management with UK CSC Chartered Consultants
• Security Architecture with UK CSC Chartered Consultants
• PCI DSS Readiness & Formal Attestation Services with QSA
• Business Continuity Management Services

Benefits

• Tailored expert advisement through the ever-evolving GovAssure requirements
• Expert advice and support ensuring compliance to regulatory requirements
• Breach Resilience through comprehensive determination of threats and defences
• Current state to best practice and next steps to improvement
• Continual or on-demand Security Leadership, independent risk-based advice
• Flexible, scalable support of security best practice and industry insight
• Improved compliance and business decision making through tailored approaches
• Specialist advice in how to improve or evolve IT architecture(s)
• Achievement of compliance to PCI DSS through expert advice
• Determination of process/service criticality, business impact, and recovery objectives

£1,300 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitaltrust.consulting.presales@bsigroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

458514276526342

Contact

Pre Sales
+44(0)345 222 1711
digitaltrust.consulting.presales@bsigroup.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: BSI Digital trust can help buyers to plan the assurance and security architecture requirements for the configuration and deployment of their cloud services We can further ensure that any compliance and risk requirements are met during migrations between cloud services. As an example, the BSI QSA service can be engaged to help buyers plan their cloud implementations in a way which controls the scope of their PCI DSS compliance requirements to reduce cost and complexity.; ; Our CRA consultants have proven experience in supporting clients in their “Lift and Shift” programmes, transferring systems and applications from traditional legacy environments into hybrid cloud environments.; ; Our teams have also utilised cloud services such as Druva, Exonar, McAfee, Proofpoint, Scalable, and Zscaler to enhance the overall management and security of client environments.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • Druva
  • Exonar
  • Menlo
  • Proofpoint
  • Relativity
  • Scalable
  • Skyhigh
  • Zscaler

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • CISSP
  • Offensive Security

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No significant constraints on the service.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support is available on a 09:00 to 17:00 basis during normal business days (Monday to Friday excluding Bank Holidays).; ; Initial response will be within a maximum of 2 business days.; ; Full response within 5 business days subject to scope.; ; Additional support can be made available by arrangement.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Standard email and telephone support is available on a 09:00 to 17:00 basis during normal business days (Monday to Friday excluding Bank Holidays) with an initial response will be within a maximum of 2 business days and a full response within 5 business days subject to scope.; ; Extended support can be made available by arrangement at extra cost dependent on requirements - this can include access to either commercial, consultative or technical resource, as required.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Qualys, Zscaler, Proofpoint, Menlo, NowVertical, Druva, Okta

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe (UK) Ltd
• ISO/IEC 27001 accreditation date: 23/10/2013
• What the ISO/IEC 27001 doesn’t cover: No exceptions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • NCSC Evaluation Partner (CAS)
  • PCI DSS - Qualified Security Assessors (QSA)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As opportunity accelerators in this space, we follow sustainability best practice to become our own best-in-class case study, utilizing the standards and sustainability solutions we share with our partners wherever possible. ; ; We are proud of the responsibility we have, enabling organizations to accelerate progress towards a sustainable future. Combatting climate change is one of societies top priorities, and we know that will mean profound change alongside practical problem solving. That starts by ensuring our own operations are a shining example of how we live our purpose. ; ; BSI has been a carbon neutral organisation since 2020, investing in high quality carbon credits with our partners to balance the GHG emissions that we produce in our business activities. We believe that investment in a carbon market that is transparent and credible is a meaningful tool on our path to our carbon reduction goals. We also work closely with the Integrity Council for the Voluntary Carbon Market (ICVCM) to ensure greater transparency, monitoring, and best-in-class verification, all in service of deepening trust in the systemic measures. ; ; At COP 27, BSI took a lead role with a network called ‘Our 2050 World’ to launch The Net Zero Guidelines (ISO IWA42:2022). These provide guiding principles to limit global warming to 1.5 degrees Centigrade in order to propel government and organizations to accelerate action towards a more sustainable future.; ; Our Operational Sustainability Excellence (OSE) team works closely with senior leadership at all levels to drive this. As a result, each business leader has been given their own carbon ‘budget’ for the year. This distributes sustainability ownership throughout the organisation and allows our leaders to guide carbon reduction success. ; ; It's very important that our decarbonisation strategy reflects BSI’s sustainability purpose, delivering positive impact on our society and the environment.

  Covid-19 recovery

  At BSI, our philosophy is that if we look after our people, our people will look after our clients and support each other. ; ; We focus on the physical and mental wellbeing of our people to ensure we provided support in moments which mattered most to them. A global Covid-19 working group was established to anticipate and implement practical solutions to the changing working requirements due to the pandemic. Our continuous listening strategy helped us shape our wellbeing programme. We focused on building capability globally with our certified mental health first aiders who have delivered mental health awareness training. ; ; During the pandemic, concern for BSI employee and client safety, coupled with travel restrictions and limited access to client sites, meant most of our services were challenged. To ensure the continuity of a high-quality service, BSI immediately transitioned from an onsite to a remote service delivery model with operations shifting entirely to immersive audit, certification, and consultancy delivery in less than a week. We maintained a high-quality service delivering 100% of audits remotely at the height of the covid pandemic through the use of remote technology. This rapid transition was enabled as a result of 18 months of testing and our commitment to the UN Sustainable Development Goals. Our global experts worked with our Innovation Team to test multiple hardware and software technology. This testing led to development of different levels of immersive technology, allowing BSI to support clients in most environments. Regardless of the type of audit methodology employed, our auditors continue to deliver the same high standards of service in-line with agreed service levels which is demonstrated by our high customer satisfaction scores. ; Throughout the pandemic, our auditors achieved a Customer Satisfaction score of 9.6/10 by delivering audits remotely through the use of live web streaming technology.

  Tackling economic inequality

  BSI is dedicated to maximizing social value through our organization, particularly in addressing and mitigating economic inequality. Our strategy aligns with the Civil Society Strategy and the Public Services (Social Value) Act of 2012 enhancements, aiming to embed social value deeply within our procurement processes. ; ; We also work with Career Ready, the national social mobility charity, providing mentorships for young people, paid internships and masterclasses. In addition, we partner with Speaker for Schools to create work experience placements for young people who lack networks, creating a fairer and more level playing field for gaining quality work experiences. ; ; To tackle economic inequality globally, BSI’s International Projects team has worked in over 50 developing countries and transition economies over the last 20 years. Our interventions have been designed to help improve those countries’ quality infrastructure, trade and investment flows, and to facilitate increased opportunities for market access, and tackle crises such as the COVID-19 pandemic, by bringing procedures in line with international standards and requirements. ; ; We continue to actively seek gender balance in our candidate shortlists, spanning all roles and levels. We have made a great deal of progress in this area and have significantly improved our success rate in appointing women to senior roles over the last two years. We continue further work as we address female representation across the feeder roles to leadership. ; ; Our organisation has Silver Employer Recognition Status (Armed Forces Covenant) and employs several ex-military personal in various roles. ; ; As part of our commitment to group-wide equality and diversity, BSI monitors the terms of employment for all employees to ensure that all colleagues are being offered appropriate access to benefits, training and promotion opportunities.

  Equal opportunity

  By implementing and certifying against standards, regulation and consensus best practice BSI is a catalyst for positive change, creating an enduring legacy of improvement for our clients, their customers and society. ; ; In standards development, there has been extensive work on an inclusive standards development environment and process, enabling the development of inclusive standards and increasing the diversity (stakeholder, organization, individual) of standards-makers. In Assurance Services, there is pioneering work on the Prioritising People framework, inclusive approaches to commercial training and the recent success of the Inclusive Services kitemark. In Regulatory Services, diversity is at the heart of ground-breaking work on AI and medical regulation. More broadly, the brand team have been shaping conversations in the market with campaigns such as the Second Glass Ceiling and the launch of the new menopause standard. ; ; We have bold plans for diversity and inclusion inside BSI, having made important progress in recent years. We are committed to improving the gender and ethnic diversity of our leadership teams, with a particular focus on the attraction and hiring processes. We are improving our understanding of the demographic make-up of our population, as this will be a vital tool in measuring impact and progress. We are also strengthening our employee resource groups to ensure under-represented voices have more opportunity to contribute to and shape the BSI landscape. ; ; Quick facts ; BSI has three employee groups – Women’s Network, Black Alliance and LGBTQ+ ; Our most senior global executive leadership team is 55% female ; A ground-breaking global programme of awareness and celebration events including Deaf Awareness Week, Black History Month, International Women’s Day, Pride, Wellbeing Week, Accessibility Awareness, Faith Week; ; We are currently building relationships with universities and scholarship foundations to help reach groups who may not traditionally consider entry to BSI to build their careers.

  Wellbeing

  At BSI our people are our competitive advantage we want them to thrive by building a collaborative culture where our people are inspired and empowered to deliver our purpose. This means creating an open, inclusive, collaborative and ultimately high-performing organization. This focus on building a healthy culture is foundational in terms of our success. ; ; We established a series of colleague affinity groups and we continue to evolve our Talent and People policies. We also launched a best practice framework on workplace wellbeing, BSI’s Prioritizing People Model, and we are aligning our internal approach to this. ; ; Promoting wellbeing is an important strand of our activities as we continue to develop our wellbeing program, informed by our continuous listening strategy and colleague surveys. We have expanded our cohort of certified mental health first aiders and the implementation of a global service through our partners at International SOS means our employees can access support and alternative health advice if required. ; ; BSI is a participant in the United Nations Global Compact (UNGC), having been a signatory since 2018, and continues to support its principles. We do this by tackling issues in our direct operations, by using our position as the UK National Standards Body (NSB) to bring together thought leaders on these issues, and by helping our clients improve their performance in four principle areas of human rights, labour practices, environment and anti-corruption. ; ; BSI invests in a range of awareness sessions for employees covering race, gender, and sexual orientation equality and understanding bias. These are offered at regular intervals throughout the year as well as part of the initial employee induction programme. BSI also monitors the conditions of service of all employees and their progression to ensure that they are being offered the appropriate access to benefits, training, and promotion opportunities.

Pricing

• Price: £1,300 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitaltrust.consulting.presales@bsigroup.com. Tell them what format you need. It will help if you say what assistive technology you use.