Skip to main content

Beta Help us improve the Digital Marketplace - send your feedback

Frazer-Nash Consultancy

Digital Enterprise Risk Management (ERM) - Healthcare

Digital Enterprise risk management (ERM) modelling of cloud-based systems, including cloud, technology components, processes and information for the identification and mitigation of systems level risks in healthcare and care settings as well as across the integrated care system. This includes analysis and management of risks across supply chains.

Features

  • Standards-based system modelling to understand legacy systems
  • Identification of threats and assessment of related cyber risks
  • Identification of internal, external, strategic and major system risks
  • Identification of capability and competency gaps
  • Provides Risk management prioritisation at place and system level
  • Action plans addressing risks and support organisational resilience
  • Risk reporting for enterprise at technical, operational and strategic levels
  • Assessment of cloud risks including security, integrity, availability, performance
  • Supports achievement of NIS directive objectives for critical systems
  • Supports open system architecture principles avoiding vendor lock-in.

Benefits

  • Provides organisational view of risks and a basis for mitigation
  • Develops positive risk management culture and behaviours
  • Develops organisations risk management maturity in line with the threat
  • Provides prioritisation of developments to support risk maturity
  • Cost effective use of resources to tackle risks
  • Effective risk budget use covering people, process, information, technology, facilities
  • Exploits new processes and technology developments
  • Enhances organisational resilience
  • Provides assurance at all levels of the organisation
  • Enables the development of commercial/ operational flexibility with minimised risk.

Pricing

£300 to £2,100 a unit a day

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@fnc.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

8 5 2 5 0 9 1 8 0 9 4 0 5 0 2

Contact

Frazer-Nash Consultancy Andy Spears / Vicky Hannigan
Telephone: 01925404000
Email: ccs@fnc.co.uk

Planning

Planning service
Yes
How the planning service works
We work with our healthcare and public sector clients to plan services that add true value to their business, by ensuring their requirements are met. This requires a wider understanding of the problem, the ability to tailor services, which ultimately focuses effort to where it is most needed.
Planning service works with specific services
Yes
Hosting or software services the planning service works with
  • Electronic Patient Records (EPR) / Personal Health Records (PHR)
  • Electronic Health Records (EHR) / Electronic Medical Records (EMR)
  • Electronic Prescribing and Medicines Administration (EPMA)
  • Interoperability and integration, Health Information Exchange (HIE)
  • Mobile apps and devices / telehealth/ telemedicine
  • Picture Archiving and Communication systems (PACS)
  • Virtual ward and home care solutions
  • Cross integrated care system requirements and solutions
  • Public Health systems, and Patient Flow systems

Training

Training service provided
Yes
How the training service works
We have a full in house training team, with a wealth of experience of producing training material and delivering training courses in a range of markets. This starts by truly understanding the situation to develop training which is comprehensive but proportionate.
Training is tied to specific services
No

Setup and migration

Setup or migration service available
Yes
How the setup or migration service works
Frazer-Nash offers services to support customers setting up and migrating to or between cloud hosting or software systems and services. We provide consolidated, through-life cost, operational, technical and training support, highlighting benefits and risks, to optimise the system or service and its design, delivery and support. We develop detailed, resourced and costed plans to support set up and migration activities, including governance, risks, assumptions, issues, dependencies and opportunity (RAIDO) management, benefits realisation planning and stakeholder engagement. We enable organisations to determine their level of readiness, assessing feasibility and process maturity when implementing new systems and services or when developing an existing service. We develop Integrated Test, Evaluation and Acceptance strategy and plans to enable comprehensive compliance checks, testing and evaluation before formal acceptance. Equally importantly, we assess the readiness of your people to use and benefit from the new technology. When setting up or migrating to cloud hosting or cloud software, a thorough understanding of the intended benefits will strengthen the Business Case and ensure delivery of the new capability aligns with outcomes. We manage the benefits realisation plan to track, measure and report achievement of expected benefits.
Setup or migration service is for specific cloud services
No

Quality assurance and performance testing

Quality assurance and performance testing service
No

Security testing

Security services
Yes
Security services type
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security audit services

Ongoing support

Ongoing support service
Yes
Types of service supported
Hosting or software provided by a third-party organisation
How the support service works
We are able to provide all our customers with post delivery support, which is tailored to their needs. This may include assistance interpreting deliverables, or support in implementing changes. For instance we have integrated people within organisations to help them achieve permanent organisational change.

Service scope

Service constraints
We will always ensure our services remain safe, legal, ethical, and within our competencies - however we have no other specific service constraints.

User support

Email or online ticketing support
Email or online ticketing
Support response times
Our support times can be tailored to be appropriate for a particular customer. We are willing to support our customers whenever possible, including outside working hours by arrangement.
User can manage status and priority of support tickets
No
Phone support
Yes
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
No
Support levels
Our support is tailored to the customer's needs. Calls will be redirected as needed, with reach back to a wide range of specialists, thereby providing first, second and third line support. This can include on-site support as needed, within and outside business hours on arrangement.

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Developed Vetting (DV)

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Lloyd's Register Quality Assurance Limited
ISO/IEC 27001 accreditation date
30/11/2015
What the ISO/IEC 27001 doesn’t cover
There are no exclusions
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
No
Cyber essentials
No
Cyber essentials plus
Yes
Other security certifications
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

How we will reduce environmental impacts. Our business is ISO14001 accredited, in addition we have recently produced and published our Carbon Reduction Plan which underpins our commitment to achieve Net Zero by 2050. This runs in tandem to our existing commitment to the Science Based Targets initiative (SBTi) who approved our near and long-term science based emissions reduction targets in December 2023:
- Our approved targets include reducing absolute scope 1 and 2 GHG emissions 90% by 2030 from a 2022 base year and also reducing absolute cope 3 GHG emissions 50% within the same timeframe.
- For our 2040 commitment we will maintain at least 90% absolute scope 1 and 2 GHG emissions reductions from 2030 through 2040 and commit to reduce absolute scope 3 GHG emissions 90% by 2040 from a 2022 base year.

Throughout contract delivery our objectives are:

• To raise awareness on environmental issues internally and work to reduce our carbon footprint by considering environmental impacts in all we do.
• To comply with the law, relevant standards, client requirements and best practice to minimise our environmental impacts as far as reasonably practical.
• To ensure our EMS is continually improved and meets and exceeds stakeholder expectations.
• To provide processes, training and mentoring (where needed) to enable the technical delivery of solutions to our clients with minimal environmental impacts.

Covid-19 recovery

Creating employment, re-training and return to work opportunities for those left unemployed by COVID-19 (MAC 1.1).
Throughout the global pandemic we have continued to offer employment opportunities to both graduates and to those whose livelihoods have been affected by COVID and who wish to work in the engineering and technology sector. Over the course of the last year, we recruited 177 (Jan - Dec 21) individuals, of whom 45 were graduates. We expect to recruit a further 200 full time staff over the course of this FY (143 perm / 168 including placements already accepted and due to start) with a target of 51 graduates, 16 summer students and 9 year in industry placements.

Supporting organisations and businesses to manage and recover from the impacts of COVID-19 (MAC 1.2).
Under the ‘Business Heroes’ scheme, we are one of three companies sponsoring membership of Devon & Plymouth Chamber of Commerce. Through this scheme we fund the membership of Social Enterprises operating to the benefit of communities right across the county of Devon.

Improving workplace conditions that support the COVID-19 recovery effort (MAC 1.5)
In response to Covid-19, our business moved swiftly to remote working, providing industry-leading tools to aid communication and collaboration during this period. We continue to engage with colleagues at all levels of the business through both informal channels like team meetings and more formal mechanisms such as employee surveys in order to gauge what support is needed to create a safe and enjoyable workplace that is sustainable and will support the COVID-19 recovery effort.

Tackling economic inequality

Create diverse supply chains (MAC 3.1)
We believe diverse supply chains hold the key, not only to promoting innovation and value, but also flexibility and resilience within our supply chain. A significant number of our approved suppliers are SMEs. As the Prime Contractor for the MoD’s ‘Serapis’ Lot 6 we have helped Dstl reach new suppliers, small and medium-sized enterprises and academia.

Support to innovation and disruptive technologies (MAC 3.2)
We have extensive experience of supporting innovation in our supply chain and pride ourselves on our track record of collaboration with SMEs and Academia, working at the cutting edge of technology.
As a supplier to the Government Office for Science’s ‘Futures Framework’ we regularly collaborate with academia and SMEs to help public sector clients identify and capitalise upon opportunities presented by innovative and disruptive technology.

Identify and manage cyber security risks in the delivery of the contract and the supply chain (MAC 3.5)
We are a Cyber Essentials Plus (CE+) accredited organisation; we actively work with our suppliers to ensure they either have, or are working towards, CE as a minimum. Currently 50% of our Supply Chain hold a valid CE certificate. For those suppliers who don't hold CE, we offer advice and support to help them build cyber resilience into their business.

Our team of over 60 dedicate Cyber and Security professionals can help you understand, mitigate and manage potential cyber risks associated with this contract and to drive cyber resilience in your supply chain.

On behalf of Dstl, we undertook an extensive research study on improving the resilience of organisations to cyber-attacks from a people and process perspective. We would be delighted to share the findings and the resultant ‘PREPARE’ model with you and your wider Supply Chain in raise Cyber Awareness throughout the duration of this contract.

Equal opportunity

We conduct regular Equality & Diversity surveys of our organisation to understand exactly how we are doing against our diversity targets. Alongside this, through our Health and Safety processes, we conduct an annual survey of our staff to understand any challenges they might be facing and what changes we can make to our infrastructure, processes and tools that will ensure an inclusive and accessible working environment for all our employees. To deliver on our commitment to Equal Opportunity we offer:
• Inclusive and Accessible recruitment. All our recruitment literature carries a clear pledge to adapt any part of our process as necessary to ensure that our recruitment and retention practices are inclusive, accessible and meet the needs of those with a disability.
• Working conditions that promotes retention and progression. We are a ‘Time to Change’ employer, committed to treating physical and mental illness on an equal footing. We use a professional Occupational Health provider to advise us on adaptations we can make to our business to meet the needs of colleagues with disabilities. We also support our staff through corporate membership of a private healthcare scheme in recognition of the fact that most disabilities are acquired through an individual’s working life.
• Equal Pay and Progression. Our HR team conduct regular equal pay audits and review promotion across the business unit to ensure we are meeting our commitment to equal pay and progression.
• In-work progression and the development of skills – To support the development of digital skills in our business, we have committed to an investment of £1.5m over the course of this Financial Year. For staff members with disabilities, we will engage specialist service providers to tailor the learning package to the specific needs of that individual’s disabilities.

Wellbeing

Support health and wellbeing in the workforce (MAC 7.1)
We are committed to supporting the wellbeing of our staff. In addition to the private healthcare cover available to all our employees (and their dependents if they so choose) we are signatories to the Time to Change Pledge which demonstrates our commitment to mental health.

We are rolling out mental health awareness and training across the business. We have also put in place a number of mental health ‘champions’ to provide a network of support available to all. As a result, we are better able to monitor our staff wellbeing and have seen minimal disruption to our ability to deliver our projects.

Our wellbeing strategy focuses on 5 pillars of wellbeing:

• Physical - Making healthy lifestyle choices that help you have the energy for work and life.
• Financial - Knowing when your money is coming in and going out and being prepared for current and future financial obligations.
• Emotional - Coping with normal stresses, handling life’s ups and downs and realising your potential. Additionally, as a ‘Time to Change’ employer we treat mental and physical health issues with parity, actively supporting and engaging in discussions around mental health.
• Social - Engaging in meaningful relationships and connections with individuals and the community.
• Personal - Having a sense of accomplishment and achievement in your home and work life

Pricing

Price
£300 to £2,100 a unit a day
Discount for educational organisations
No

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at ccs@fnc.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.