Nexor Limited

Security Policy Definition, Development & Review

Effective security management requires a set of policies to define the protocols for protecting information. These policies are then enacted through a set of supporting procedures. Nexor offers expert support, to develop or update a set of tailored policies and their underlying procedures. This can cover design, documentation, and implementation.

Features

• Engagement with Senior Stakeholders to Determine Overall Security Objectives
• Engagement with Wider Organisation to Determine Departmental Security Needs
• Creation of New Security Policy Documents
• Review of Existing Security Policy Documentation
• Updating of Existing Security Policy Documentation
• Cyber Resilience
• Accredited Cyber Professionals
• Policy Gap Assessments

Benefits

• Security Policies Tailored to Your Organisation
• Security Policies that Complement Business Operations
• Identify Security Gaps and Risks
• Fix Security Vulnerabilities and Mitigate Threats
• Detailed Security Improvement Recommendations
• Implement Security Controls at a Higher Level of Maturity
• Prioritised Approach According to Risk Aligned with Industry Best Practice
• Effective Protection from Cyber Security Threats

£170 to £2,080 a unit a day

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@nexor.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

554329128470625

Contact

Donna Frend
0115 9535528
sales@nexor.com

Planning

• Planning service: Yes
• How the planning service works: Nexor offer solution design and security architecture services for the implementation of cloud hosting or software, working with agile methodologies to place the customer and their business at the centre of each project.; ; A typical engagement will include:; • A baseline assessment to understand the customer's exact business requirements, their operational context, and to determine the measure of success;; • Identify the resources and controls required to address the security concerns, whilst ensuring that the business objectives will still be met;; • Agree a plan of action which may involve a combination of consulting via Cyber Security Advisory Services, or technology delivery;; • Execute on the plan, using SIXA® Technologies, or partner products where appropriate;; • A final report summarising outcomes and making recommendations for ongoing continual improvement and ongoing solution management.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security risk management
  • Cyber security consultancy
  • Security audit services

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Response time is 4 hours. Weekend support is by arrangement.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Please see terms and conditions

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: LRQA
• ISO/IEC 27001 accreditation date: 01/06/2022
• What the ISO/IEC 27001 doesn’t cover: Anything outside of the certification scope which covered: Information security management system supporting the analysis, design, development, implementation, delivery and support associated with the provision of technology (SIXA®) and service (CyberShield Secure®) solutions to facilitate cross domain and secure information exchange. All in accordance with the statement of applicability version 26.x.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO 9001:2015

Social Value

• Social Value:

  Social Value

  Tackling economic inequality

  Tackling economic inequality

  Create employment and training opportunities, particularly for people in industries with known skills shortages or in high growth sectors.; ; Support educational attainment relevant to the contract, including training schemes that address skills gaps and result in recognised qualifications.; ; Influence staff, suppliers, customers and communities through the delivery of the contract to support employment and skills opportunities in high growth sectors.; ; Demonstrate action to identify and manage cyber security risks in the delivery of the contract including in the supply chain.; ; Influence staff, suppliers, customers and communities through the delivery of the contract to support resilience and capacity in the supply chain.

Pricing

• Price: £170 to £2,080 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@nexor.com. Tell them what format you need. It will help if you say what assistive technology you use.