NHS DSP Toolkit Audit
Our audit provides an independent assessment of an organisation’s NHS Data Security and Protection Toolkit (DSPT) submission to NHS Digital, as part of the Strengthening Assurance Framework.
The audit is suitable for Trusts (Acute, Foundation, Ambulance and Mental Health), CCGs, ICSs, CSUs, Local Authorities and others seeking an independent assessment.
Features
- Audits are undertaken by experienced Infosec and Privacy practitioners
- Auditor’s professional judgement will guide how the standards are met
- Scope is based upon the NHS Digital audit specification
- DSPT controls found will be reviewed and assessed
- Inconsistencies identified during the audit will be highlighted
- Audit assignment will include a written Audit report and debrief
- Audits undertaken by 2-person team
- Potential cyber security and privacy improvements will be suggested
- Practitioner team has certifications including CISSP, CISM, ISO27001, CIPP/E
Benefits
- Provides independent assurance on the quality of your DSPT assertions
- Audit is undertaken by experienced information security and privacy experts
- Audit will validate if assertions made meet the DSPT requirements
- Helps highlight, understand and address data security and privacy risks
- Get up-to-date, objective guidance on how to improve controls
- Audit will consider the maturity of the controls found
- Helps identify improvements to controls, not just assess DSPT compliance
Pricing
£6,000 a unit
- Education pricing available
Service documents
Request an accessible format
Framework
G-Cloud 13
Service ID
8 4 2 7 3 7 1 2 2 5 6 0 5 1 8
Contact
DLP ASSURED SERVICES LIMITED
Isobel Slater
Telephone: 0203 397 0142
Email: isobel.slater@dlp-assured.com
Planning
- Planning service
- No
Training
- Training service provided
- Yes
- How the training service works
-
We provide a range of training services. 1)They include the development of eLearning modules using presenters with the spoken word. Stock video is utilised together with bespoke video to capture specific imaging such as footage of a client's computer system. This approach provides a high quality, low cost and quick way to create powerful videos as part of the client's communication or education programme.
2) elearning training as part of a LMS
3) Onsite training courses - Training is tied to specific services
- No
Setup and migration
- Setup or migration service available
- No
Quality assurance and performance testing
- Quality assurance and performance testing service
- Yes
- How the quality assurance and performance testing works
- All documents produced for the assignment will be subject to internal review and quality assurance checking before being issued to the client.
Security testing
- Security services
- Yes
- Security services type
-
- Security strategy
- Security risk management
- Security design
- Cyber security consultancy
- Security testing
- Security incident management
- Security audit services
- Other
- Other security services
-
- Business Continuity Scenario Testing
- Artificial Intelligence Good Governance , Accountability & Data Protection Compliance
- Policy and Document Update Maintenance
- Certified security testers
- Yes
- Security testing certifications
- CREST
Ongoing support
- Ongoing support service
- No
Service scope
- Service constraints
- This service requires contact with the client which can be in person or via a remote MS Teams session.
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- Typically on the same day
- User can manage status and priority of support tickets
- Yes
- Online ticketing support accessibility
- WCAG 2.1 AA or EN 301 549
- Phone support
- Yes
- Phone support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support
- Web chat
- Web chat support availability
- 9 to 5 (UK time), Monday to Friday
- Web chat support accessibility standard
- WCAG 2.1 AA or EN 301 549
- Web chat accessibility testing
- We've begun WCAG compliance testing making sure the widget is keyboard accessible and text-to-speech reader friendly.
- Support levels
- Our support service is 9 - 5 business days.
Resellers
- Supplier type
- Not a reseller
Staff security
- Staff security clearance
- Conforms to BS7858:2019
- Government security clearance
- None
Standards and certifications
- ISO/IEC 27001 certification
- No
- ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- No
- Other security certifications
- Yes
- Any other security certifications
-
- Consultants certifications include CISSP, Cyber Essentials Auditor
- We operate an ISO 27001 ISMS
- Consultants certifications include CIPP/E, ISO 27000 LA & LI
Social Value
- Equal opportunity
-
Equal opportunity
Equality Statement
Individuals with different cultures, perspectives and experiences lie at the heart of the way DLP Assured operate. We strive to recruit, develop and retain the most talented individuals, regardless of their backgrounds and make the best use of their talents.
We are guided by our values in everything we do, and recognise that being a diverse and inclusive employer helps us fulfil our responsibility to make a difference for our staff. We all have to seek to develop a work environment where we treat all employees as individuals, fairly and in a consistent manner.
We work to comply with the spirit and the practice of the Equality Act 2010 by promoting a culture of respect and dignity and actively challenging discrimination, wherever it should it ever arise. We proactively look to remove unnecessary barriers for our employees seeking opportunities through training and development, promotion and career planning.
Every employee is entitled to a working environment that promotes dignity, equality and respect for all. DLP Assured will not tolerate any acts of unlawful or unfair discrimination (including harassment) committed against an employee, contractor or job applicant because of a protected characteristic:
• Sex
• Gender Reassignment
• Marriage and Civil Partnership
• Pregnancy and Maternity
• Race
• Disability
• Sexual Orientation
• Religion and or Belief
• Age
We continue to support our managers and employees to demonstrate the principles of diversity and inclusion in their everyday activities, roles and functions. - Wellbeing
-
Wellbeing
Our strategy for promoting the wellbeing of our staff includes the following key elements:
• Encouraging a culture of care and concern for our people, which requires that everybody accepts responsibility for their own and their colleague's wellbeing.
• Highlighting potential areas of risk to physical and mental health so that they can be reduced and better managed.
• Offering training aimed at providing staff with tools for managing their wellbeing, including mental health.
• Ensuring our working environments are healthy, safe, secure and appropriate.
• Encouraging a culture of open conversation, so we talk about our wellbeing and mental health having our friends and family in mind and make support available when employees may be struggling.
• Developing a framework which enables staff to enjoy a healthy work-life balance, whilst recognising the effect of personal choice and lifestyle.
• Taking reasonable steps to enable people with disabilities to carry out the role for which they are employed.
• Fostering the physical, mental and social wellbeing of our staff.
Pricing
- Price
- £6,000 a unit
- Discount for educational organisations
- Yes