DSPT Internal Auditing
Auditing of NHS Data and Security Protection Toolkit processes and documentation by qualified infosec (and data protection) practitioners. Audits are an essential part of the DSP Toolkit, ensuring that the assertions made are genuine. Our service validates that the controls are working and are effective.
Features
- Audits are undertaken by skilled infosec and data protection practitioners
- Onsite /offsite auditing undertaken
- Staff interviews
- Investigation into operation of controls to gather evidence
- Report on findings
- Debrief meeting
- Practitioner team has certifications including CISSP, CISM, ISO27001, CIPP/E
Benefits
- Gain assurance that DSPT assertions and associated controls are valid
- Overcome internal staff shortages to keep your submission on-track
- Get expert independent advice that good practices are being followed
- Identify security (or data protection) weaknesses in your control environment
- Reduce information security and privacy risks
- Get feedback on areas of good practice
- Gain visibility of potential areas for improvement
Pricing
£750 a unit a day
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
5 4 7 4 2 7 5 7 8 6 3 3 7 0 2
Contact
DLP ASSURED SERVICES LIMITED
Isobel Slater
Telephone: 0203 397 0142
Email: isobel.slater@dlp-assured.com
Planning
- Planning service
- No
Training
- Training service provided
- Yes
- How the training service works
-
We provide a range of training services. 1)They include the development of eLearning modules using presenters with the spoken word. Stock video is utilised together with bespoke video to capture specific imaging such as footage of a client's computer system. This approach provides a high quality, low cost and quick way to create powerful videos as part of the client's communication or education programme.
2) elearning training as part of a LMS
3) Onsite training courses - Training is tied to specific services
- No
Setup and migration
- Setup or migration service available
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- Yes
- How the quality assurance and performance testing works
- All documents produced for the assignment will be subject to internal review and quality assurance checking before being issued to the client.
Security testing
- Security services
- Yes
- Security services type
-
- Security strategy
- Security risk management
- Security design
- Cyber security consultancy
- Security testing
- Security incident management
- Security audit services
- Other
- Other security services
-
- Business Continuity Scenario Testing
- Artificial Intelligence Good Governance , Accountability & Data Protection Compliance
- Policy and Document Update Maintenance
- Certified security testers
- Yes
- Security testing certifications
- CREST
Ongoing support
- Ongoing support service
- No
Service scope
- Service constraints
- This service requires contact with the client which can be in person or via a remote MS Teams session.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Typically on the same day
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We've begun WCAG compliance testing making sure the widget is keyboard accessible and text-to-speech reader friendly.
- Support levels
- Our support service is 9 - 5 business days.
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- None
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Consultants certifications include CISSP, Cyber Essentials Auditor
- We operate an ISO 27001 ISMS
- Consultants certifications include CIPP/E, ISO 27000 LA & LI
Social Value
- Equal opportunity
-
Equal opportunity
Equality Statement
Individuals with different cultures, perspectives and experiences lie at the heart of the way DLP Assured operate. We strive to recruit, develop and retain the most talented individuals, regardless of their backgrounds and make the best use of their talents.
We are guided by our values in everything we do, and recognise that being a diverse and inclusive employer helps us fulfil our responsibility to make a difference for our staff. We all have to seek to develop a work environment where we treat all employees as individuals, fairly and in a consistent manner.
We work to comply with the spirit and the practice of the Equality Act 2010 by promoting a culture of respect and dignity and actively challenging discrimination, wherever it should it ever arise. We proactively look to remove unnecessary barriers for our employees seeking opportunities through training and development, promotion and career planning.
Every employee is entitled to a working environment that promotes dignity, equality and respect for all. DLP Assured will not tolerate any acts of unlawful or unfair discrimination (including harassment) committed against an employee, contractor or job applicant because of a protected characteristic:
• Sex
• Gender Reassignment
• Marriage and Civil Partnership
• Pregnancy and Maternity
• Race
• Disability
• Sexual Orientation
• Religion and or Belief
• Age
We continue to support our managers and employees to demonstrate the principles of diversity and inclusion in their everyday activities, roles and functions. - Wellbeing
-
Wellbeing
Our strategy for promoting the wellbeing of our staff includes the following key elements:
• Encouraging a culture of care and concern for our people, which requires that everybody accepts responsibility for their own and their colleague's wellbeing.
• Highlighting potential areas of risk to physical and mental health so that they can be reduced and better managed.
• Offering training aimed at providing staff with tools for managing their wellbeing, including mental health.
• Ensuring our working environments are healthy, safe, secure and appropriate.
• Encouraging a culture of open conversation, so we talk about our wellbeing and mental health having our friends and family in mind and make support available when employees may be struggling.
• Developing a framework which enables staff to enjoy a healthy work-life balance, whilst recognising the effect of personal choice and lifestyle.
• Taking reasonable steps to enable people with disabilities to carry out the role for which they are employed.
• Fostering the physical, mental and social wellbeing of our staff.
Pricing
- Price
- £750 a unit a day
- Discount for educational organisations
- Yes