ACTICA CONSULTING LIMITED

Security, Risk Management and Accreditation Service

Actica provides expert security, management and accreditation advice on all aspects of cloud-related information assurance and cyber security, including the HMG Security Policy Framework (SPF), ISO27001, NCSC CAF, NIST CSF, Data Protection Act (DPA), GDPR and NIS. Our partners (Fidus Infosec, ProCheckup) work with us to provide certified security testing.

Features

  • Risk management and accreditation document set (RMADS) production and review
  • Security implementation within Agile delivery
  • Security analysis, security requirements and architecture development and analysis
  • Code of Connection (CoCo) compliance assessment
  • Business Impact Assessment, Data Protection Impact Assessment (DPIA) to ICO-guidelines
  • Protective Monitoring, Security Event Management, Incident Management, Forensic Readiness advice
  • Business Continuity Planning (BCP) and Disaster Recovery Plans (DRP) production
  • Supplier security assurance and supporting compliance, audit and review activities
  • Security testing (ITHC, CHECK, CREST, Tiger, PCI, red teaming)
  • Chartered and NCSC cyber professionals, CISSP cyber security consultants

Benefits

  • Successful accreditation of your cloud service and cloud architecture
  • Secure operation of your cloud service and cloud architecture
  • Reduced operational risks and increased assurance
  • Ensure security is an enabler and not a constraint
  • Maximise usability within security defined by use or threat case
  • Enables a proportionate response to cyber security threats
  • Compliance with cyber security standards, data protection and privacy legislation
  • Sectors: Defence, Education, Health, Justice, Local Authority, Police, Transport
  • Effective management of Government policy changes
  • Aligns to both Agile or Waterfall delivery methodologies

Pricing

£300 to £1,430 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at opportunities@actica.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

508190207642538

Contact

ACTICA CONSULTING LIMITED Michael Murphy
Telephone: +44 (0) 1483484090
Email: opportunities@actica.co.uk

Planning

Planning service
Yes
How the planning service works
Actica Consulting provides expert security, management and accreditation advice on all aspects of information assurance and cyber security relating to the cloud, including the implications of the HMG Security Policy Framework (SPF), the Government Classification Scheme, ISO 27001, the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). It is hugely beneficial to implement ‘security by design’ and ‘security by default’ best practices during the planning stage of an initiative so that the architecture can be ‘compliant by design’, avoiding a large range of possible issues and headaches that can occur later if this is not done. In the planning stage Actica can perform (amongst other tasks) security analysis, security requirements development and analysis, Business Impact Assessments, Data Protection Impact Assessments (DPIA), Business Continuity Planning (BCP) and Disaster Recovery Plans (DRP) production. Performing these early is cheaper and easier than down the line, and results in making security both more attainable and more useable, allowing security to become an enabler rather than a restriction. Our services support all classification levels, including OFFICIAL, SECRET and TOP SECRET. We have experience with all major cloud providers: AWS, Azure, GCP, as well as MODCloud.
Planning service works with specific services
No

Training

Training service provided
No

Setup and migration

Setup or migration service available
Yes
How the setup or migration service works
Actica Consulting provides expert security, management and accreditation advice on all aspects of information assurance and cyber security relating to the cloud, including the implications of the HMG Security Policy Framework (SPF), the Government Classification Scheme, ISO 27001, the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). When migrating to or between cloud providers, it is necessary to perform security analysis, including accreditation document set (RMADS) production and review, getting Protective Monitoring, Security Event Management and Forensic Readiness advice, performing supplier security assurance and supporting compliance, audit and review activities and performing tailored security testing (including CREST, Tiger, PCI, red teaming). These ensure that the migration to or between cloud technologies has not introduced vulnerabilities that can be exploited, ensuring that the threat to your organisation is minimised.
Setup or migration service is for specific cloud services
No

Quality assurance and performance testing

Quality assurance and performance testing service
Yes
How the quality assurance and performance testing works
Actica Consulting provides expert security, management and accreditation advice on all aspects of information assurance and cyber security relating to the cloud, including the implications of the HMG Security Policy Framework (SPF), the Government Classification Scheme, ISO 27001, the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). Actica’s activities combine industry-leading professionals, best practice frameworks, and decades of experience to ensure that your security is sufficiently robust for your needs. Our consultants include a number of UK Cyber Security Council Chartered Cyber Security Professionals (ChCSP), NCSC Certified Cyber Professional (CCP) and CISSP cyber security consultants, who are fully conversant with the latest versions of all relevant standards, policy and guidance including Secure by Design. We perform supplier security assurance and supporting compliance, audit and review activities and security testing (e.g. CREST, Tiger, PCI, red teaming) so that your quality and performance are ‘match-fit’.

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
Certified security testers
Yes
Security testing certifications
  • CHECK
  • CREST
  • Tigerscheme
  • Cyber Scheme
  • Other
Other security testing certifications
  • National Cyber Security Centre (NCSC) Assured Consultancy
  • CCP Certified Consultants

Ongoing support

Ongoing support service
Yes
Types of service supported
  • Buyer hosting or software
  • Hosting or software provided by a third-party organisation
How the support service works
Actica can provide expert security advice on all aspects of security, risk management and accreditation services, including the implications of the HMG Security Policy Framework (SPF), the Government Classification Scheme, the International Standard on Information Security Management (ISO 27001), the Data Protection Act, the Privacy and Electronic Communications Regulations (PECR) and the General Data Protection Regulation (GDPR). We can advise on Protective Monitoring, Incident Management, Forensic Readiness, Disaster Recovery (DR) and Business Continuity Planning (BCP), providing supplier security assurance and supporting compliance and audit activities. We can help you specify any security testing and IT Health Check (ITHC) required, arrange for these to be performed by a CREST and/or PCI approved supplier, and help you in undertaking any remediation as necessary. Support can be provided to a tailored specification, often including:
• Data handling assessments in accordance with the SPF, including governance and culture
• Maturity assessment and implementation against NIST CSF, PRISMA and C2M2
• Data Protection Act (DPA), PECR and GDPR support
• Security incident investigation and information forensics
• ISO 27001 support, including gap analysis and ISMS implementation
• Cyber and security support to the delivery of digital systems

Service scope

Service constraints
None

User support

Email or online ticketing support
No
Phone support
No
Web chat support
No
Support levels
N/A

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
18/01/2023
What the ISO/IEC 27001 doesn’t cover
N/A
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

At Actica Consulting, we are a company that cares about the environment. Our EMS (Environmental Management System) is certified to ISO14001:2015 and we are committed to reducing our already very small environmental footprint. We set annual SMART objectives as part of our commitment to continuously improve our environmental management, enhance environmental performance and reduce pollution.

As stated in our published Carbon Reduction Plan, we are committed to achieving Net Zero no later than 2050 (though we aim to be much faster) and to play our part in keeping the global temperature rise within 1.5 degrees. Our CRP is updated annually to record progress and set targets for the year ahead.

Actions we take include, but are not limited to: establishing environmentally sensitive purchasing policies (buying recycled or long-life products; favouring products derived from natural/sustainable sources) and monitoring the environmental performance of our suppliers; ensuring that all decisions regarding working practices and purchasing take environmental considerations into account. We measure, monitor and minimise our usage of resources and consumables, and our greenhouse gas emissions. We actively look for ways to reduce waste and recycle, and encourage the use of sustainable modes of transport. We encourage home working and the use of virtual collaboration tools. Finally, we encourage our employees and suppliers to suggest ways to further develop our EMS.

For the provision of these services, we commit to offsetting the carbon footprint for the development of the Actica deliverables and, if requested, will provide certification verifying this action has been completed within a month of project completion. In 2023, Actica offset 5tCO2e, through similar schemes.

Covid-19 recovery

Since the pandemic, Actica has maintained its commitment to its people and to uplifting others by offering employment opportunities and training, and leveraging our high-growth sector to create jobs. In the period from Mar '20 to April '24, we employed 122 new staff members, resulting in a c20% net increase in the number of employees per annum.

Actica undertakes a range of measures to aid with economic recovery from COVID-19 - especially at a local level - including promoting the benefits of staying local and ensuring money is spent supporting local businesses. We support recruitment events away from our SE England base and have recruited staff across the UK, ensuring that they benefit directly from our activity.

At Actica, the health and well-being of our staff comes first. We provide office equipment, and whatever else is needed to ensure the highest level of wellbeing and support to our staff. Where in-person working is required, Actica ensures that client sites meet our high standards for COVID safety. Recognising the importance of mental health, Actica has implemented a support structure which pairs up staff for ‘kitchen chats’; providing social stimulation for a healthy working-life balance.

Actica has fully embraced hybrid working, leveraging video-conferencing and online collaboration tools. We foster a close, remote-working relationship with clients through regular informal video calls. Actica is committed to retaining flexible working for our staff and engages with customers to deliver our services most efficiently - removing unnecessary travel and reducing commuting at peak times. We fully accommodate staff that require special considerations due to shielding, and allocate them specifically to remote working projects.

Tackling economic inequality

Actica is compliant with the processes and procedures contained within the Modern Slavery Act 2015. Our anti-slavery and human trafficking policy applies to all staff, as well as other persons representing Actica in a working capacity. This includes employees at all levels, contractors and suppliers. We are committed to promoting and maintaining the highest possible ethical standards in all of our business activities, and have a zero-tolerance policy towards bribery and corruption. We are committed to acting fairly and with integrity in all of our dealings and relationships. We have implemented and currently enforce an effective system to counter bribery. Our anti-bribery policy provides details of our approach.

Actica are pleased to confirm that all of our staff and associates are paid above the real living wage, in addition to receiving a pay review following every performance review. Furthermore, we hold formal accreditation from the Living Wage Foundation as a living wage employer. In our supply chain of associates, we prefer to work with known and trusted associates with well-established subcontracts and working practices. We do not use zero-hour contracts, and prefer to subcontract based on fixed-price deliverables. We are able to accommodate working both inside and outside of IR35 regulations as needed.

Actica has supported a number of young people to obtain an apprenticeship in Cyber Security.

Equal opportunity

Actica is committed to ensuring fair treatment of all stakeholders in our business from customers to employees. We are a Disability Confident Committed employer (certificate: DCS024208). We believe in equality of opportunity and inclusion, where Actica’s Equality, Diversity and Inclusion policy goes beyond what we are required to do to ensure all contributions are valued and respected. We ensure that in all our activities we promote equality and provide respect to all, irrespective of marital or civil partnership status; having or not having dependants; religion or beliefs; race (including colour, nationality, ethnic or national origin); disability; sex or sexual orientation; age; or pregnancy and maternity. This policy extends beyond our own employees to client personnel, subcontractors, suppliers and potential recruits, and underpins our approach to recruitment of staff and engagement with our supplier base.

We require all of our staff and people within our supply chain to uphold our equality principles. We have effective procedures in place to ensure equal opportunities for all, preventing discrimination, harassment and bullying – fostering a culture which values diversity and inclusion. Our equality and diversity policy provides more details of our approach and a member of the board actively monitors our compliance to the policy to ensure any opportunities for improvements are identified, considered and implemented as needed. Actica is covered by the Modern Slavery Act 2015; our compliance with the processes and procedures contained within the Modern Slavery Act 2015 is set out in our Modern Slavery policy and statement.

Wellbeing

Actica is a company that is committed to supporting the health and wellbeing of our staff, both physically and mentally. We make every effort to ensure that our people are physically comfortable working at home by providing office equipment, and whatever else is needed (subject to individual accessibility requirements). Where in-person working is required, Actica ensures that a client’s site meets our high standards for safety.

Actica knows that mental health is just as important as physical health. Actica has implemented a support structure - which the Directorate promotes - where staff optionally pool their names for ‘kitchen chats’; providing much-needed social stimulation. A Company Director is responsible for the Mental Health services we offer to our employees, which includes overseeing regular communications and awareness campaigns via both virtual and physical means. We have established our Mental Health First Aid team, all of whom have undergone Mental Health First Aid Training with Mental Health England and have communicated their presence and purpose to the company. Additionally, we offer private medical insurance to our staff. This includes full mental health cover which incorporates confidential access to trained counsellors.

Throughout service delivery, we promote a team-culture with regular, collaborative workshops and informal social team video calls, with both Actica and client team members encouraged to join. This is particularly important where individuals are unable to routinely meet and engage with colleagues.

We believe in playing a responsible role in our community and giving back to society. A big part of this is fundraising. We support upReach, a charity committed to supporting undergraduates from lower socio-economic backgrounds to access and sustain top graduate jobs, and SSAFA, the Armed Forces charity. Actica also sponsors the Manchester ‘Look After Yourself’ charitable conference, which supports and celebrates the work of mental health bodies.

Pricing

Price
£300 to £1,430 a unit a day
Discount for educational organisations
No
