Leading Resolutions Ltd

Cyber Maturity Assessment

The service evaluates an organisations operational resilience and cyber security practices via industry standards from NCSC, SANS and NIST. We assign values to risk, alongside the cost and benefits of recommended steps to reduce risk to acceptable levels including through the use of cloud-based systems and services.

Features

• Structured approach to discovery, analysis, assessment and recommendations
• Engagement via workshops, interviews, review of artefacts, access of systems
• Aligns with leading industry standards from NCSC, SANS and NIST
• GAP analysis of current threat profile vs cyber resilience practice
• Analysis of people, process and technology aspects of cyber security
• Cyber security risks formalised and prioritised via RAG status
• Improvement recommendations that cover strategy, tactics and quick wins
• Improves the alignment of security architecture to business requirements
• Engagement outcomes presented to key stakeholders via presentation and report
• UK based consultants holding SC clearance as required

Benefits

• Establishes a clear baseline from which to consider proportionate investment
• Accelerates the development and improvement of cyber resilience
• Identify vulnerabilities before they are exploited
• Reduces operational cyber security risks
• Security architecture and design principles aligned to business risk
• Improved ability to detect, resist and respond to a cyber-attack
• Demonstrates commitment of your organisation to security and data protection
• Promotes awareness and understanding of security throughout your organisation
• Engagement includes Executive/SMT to build consensus and commitment
• Prioritised recommendations enabling focus on areas of greatest benefit

£650 to £1,500 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kay.barnes@leadingresolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

469638089721447

Contact

Public Sector Team
01793 488 000
kay.barnes@leadingresolutions.com

Planning

• Planning service: Yes
• How the planning service works: We carry out an assessment to understand business and organisational context and current environment and, through stakeholder meetings, capture and validate requirements. Specifically Specifically for the Cyber Maturity Assessment service, we engage with the nominated customer point of contact to confirm the project schedule and arrange a start-up meeting to confirm the scope and align all parties.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: In our experience, training is less applicable during assessment type engagements. During these initiatives, we ensure clients are supported by tailored insights, actionable recommendations and sign posted strategies, plans and roadmaps, among other deliverables. Where opportunities allow, skills and capability uplift will be pursued to enable greater autonomy and independence within the client organisation.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: To initiate the Cyber Maturity Assessment, we arrange a set -up meeting to confirm the scope of the engagement, the key activities and outcomes, the high-level timescales and the input and engagement required from stakeholders to ensure success. Throughout our engagement, our cyber specialists work collaboratively with the internal teams.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: During the Cyber Maturity Assessment service, we set up presentation and feedback sessions to advise key stakeholders on findings and next steps. In addition, we have a well-established business support function including PMO, that provides governance and assurance oversight of all the engagements we deliver. We monitor and measure our delivery through a structured governance and reporting approach which includes regular client engagement and reporting.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security audit services

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Our standard working hours are Monday to Friday 09:00 to 17:30, excluding public holidays. However, these can be flexed to suit client requirements and the demands of particular projects.

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: Not applicable for our Cloud Design Service

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Environmental, social and governance (ESG) issues have become a central tenet of our business strategy. We want to ensure that our business considers its wider influence on our planet, people, and communities. We seek positive impact in all that we do, focusing on generating social value, not just economic. ; ; We are already on our journey to becoming Carbon neutral and then Carbon negative and have begun our own innovation investigation and planning in achieving this by 2030. We have a number of environmental initiatives in place and we are fully committed to evolving our approach with many more initiatives underway or planned for 2024 and beyond.; ; Current initiatives include:; • Electric Car Scheme available to all employees - since launch saving 9.22 tonnes of CO2 (the equivalent of 4,610 trees); • Cycle to Work Scheme in place since 2019; • Planted over 1,000 locally sourced trees on a global programme; • Reduced travel by encouraging hybrid working for all; • Reduction in fuel bills to heat the office by having specific on-site days; • Water station to reduce the need for bottled water; ; We work with the Leading Edge Only Innovation Platform to post challenges to find state of the art, innovative solutions to today’s business and IT problems. We are currently inviting innovators to talk to us about their carbon negative solutions; to help us understand some of the up and coming solutions to achieving our goal and how the solutions might aide our customers.

  Covid-19 recovery

  We have always followed a hybrid model, working both remotely and on client site as required. ; During the Covid 19 global pandemic, we continued to work with our clients on a remote working basis, using technology for communication and work.

  Tackling economic inequality

  Environmental, social and governance (ESG) issues have become a central tenet of our business strategy. We want to ensure that our business considers its wider influence on our planet, people, and communities. We seek positive impact in all that we do, focusing on generating social value, not just economic. Recent initiatives have included:; • Over £4k donated to charity in the last 3 years; • £20k pro-bono work provided to local hospice and Special Needs School; • Community Social Responsibility – charity volunteer days

  Equal opportunity

  We are committed to providing equality of opportunity in our employment practices and procedures, and to avoiding unlawful discrimination being suffered by our employees, job applicants, clients, customers, workers or volunteers.; ; We will not discriminate directly or indirectly in recruitment or employment because of age, disability, sex, gender reassignment, pregnancy, maternity, race (which includes colour, nationality and ethnic or national origins), sexual orientation, religion or belief, or because someone is married or in a civil partnership. These are known as "protected characteristics”.; ; We will not discriminate unlawfully against customers, contractors, suppliers or visitors using or attempting to use the goods, facilities and services that we provide.; ; Our policy is implemented in accordance with the Equality Act 2010 and all other appropriate statutory requirements and has been compiled after consideration of all available guidance and relevant Codes of Practice.; ; We will strive to ensure that our work environment remains positive, free from harassment and bullying, and that everyone is treated with dignity and respect at all times in maintaining and sustaining equal opportunities in employment. We actively promote diversity and gender equality in the workplace with initiatives such as:; • Inclusion Committee, driving diversity and inclusion agenda across the business; • Teamtailor (in evaluation for full deployment) to remove unconscious bias from the recruitment process; • Equality across gender in respect of maternity, paternity and adoptive rights; • Equity, Diversity & Inclusion training for all staff; • Non gender specific, family-focussed policies as a bedrock to our ways of working, such as time off to support sick children, partner support for miscarriage and extended compassionate leave; • Applying positive discrimination to encourage wider diversity at board and leadership level; • Accredited Living Wage employer

  Wellbeing

  The Covid-19 global pandemic has left businesses facing multiple challenges and hurdles simply to survive. Many have been unable to allow their workforce into their offices or non-essential locations, forcing them to rely on technology for communication and work. With the remote working explosion, staff wellbeing and effectiveness are now in the spotlight. How can business and team leaders make sure that their staff are well, stick to a healthy work life balance, take breaks and are able to remain effective with an adequate technology set-up at home. Equally, how can leaders be sure that communication and messages are received and fully understood.; ; Mental health and wellness are key focus areas for us at Leading Resolutions. As well as offering a number of benefits to our employees to provide support and help, we have launched a challenge on our partner innovation site, LEO leadingedgeonly.com, to look for innovative ways to measure wellness, particularly in the new ‘working from home’ world.; ; Specific initiatives underway include:; • Accredited Living Wage Employer with the Living Wage Foundation; • Employee wellbeing “breakfast and heat” scheme; • Specific on-site days to retain social connections; • Access to Vitality Health for all employees, providing physical and mental wellbeing support; • Signed up to the Menopause Workplace Pledge (Wellbeing of Women); • Signed up to the Employers’ Domestic Abuse Covenant; • Wellbeing coach; • Offering flexible ways of working to suit the needs of each individual employee

Pricing

• Price: £650 to £1,500 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at kay.barnes@leadingresolutions.com. Tell them what format you need. It will help if you say what assistive technology you use.