Mozaic-Services Limited

Cyber security risk assessment & planning

A Digital Service Management (DSM) enabler, this service provides an assessment of your Cyber Security practices. Focused on capabilities associated with technology services and environment to: strengthen cybersecurity capabilities, enable effective and consistent evaluation and benchmark of cybersecurity capabilities. We enable prioritisation of actions and investments to improve security.

Features

• Performed by Cyber Security consultants
• Deep industry and operational experience
• Uses our best practice, proven, C2M2 maturity model
• Standard methodology refined to your requirements
• Considers your current model and tooling implementation
• Recognition of planned changes and broader change initiatives
• Compares options and makes clear recommendations
• Develops the high-level roadmap for delivery case for change

Benefits

• Review adequacy of existing cyber security Strategy
• Understand current state cyber maturity via C2M2 assessment
• Define Target State Cyber security maturity
• Agree Security Gap Analysis report with senior stakeholders
• Develop & prioritise Security initiatives & roadmap
• Align Security initiatives with business priorities
• Develops a Cybersecurity Roadmap

£400 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aileen.coull@mozaic.net. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

869482231957264

Contact

Aileen Coull
+44 203 709 1625
aileen.coull@mozaic.net

Planning

• Planning service: Yes
• How the planning service works: Planning is an integral element of all of our G-Cloud services. We ensure that our customers and agree the actions we will be taking, the priorities, and who holds is accountable for completion. We ensure clear, regular reporting of progress against plan, and appropriate risk management and mitigation strategy.
• Planning service works with specific services: No

Training

• Training service provided: Yes
• How the training service works: Where appropriate we provide training, coaching and knowledge management to support the development of skills aligned with our services.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Quality Assurance and performance testing is available within each of our services and is designed specifically to meet your context.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: No

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by a third-party organisation
• How the support service works: We provide managed services to support the SaaS platforms we implement, including ServiceNow, BMC Helix, and Digital.ai. We offer specific G-Cloud services for each of these with pricing plans.

Service scope

• Service constraints: N/A

User support

• Email or online ticketing support: No
• Phone support: No
• Web chat support: No
• Support levels: Support is available for each of our services. We design bespoke offerings to meet our clients specific needs, and offer attractive, tailored pricing.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: No

Social Value

• Fighting climate change:

  Fighting climate change

  Mozaic is committed to reduce its carbon footprint each year and attain carbon-neutral status as soon as possible - at the latest by 2030. We have calculated our baseline emissions using the Carbon Trust’s SME Carbon Footprint Calculator and we have set out strategies to improve our current score, including waste management, business travel, employee commuting, staff engagement and education. Our commitment includes:; 1. We have a written Environmental Policy and related strategy and targets to support our aims. This is reviewed and updated half-yearly and is fully communicated, understood and supported by all our staff,; 2. We use a small, serviced office with average occupancy of 2-5 people, travel to the office is mostly by public transport or bicycle. The carbon footprint from this comprises our small share of heating and lighting.; 3. Travel on company business and home to office is minimised and mostly by rail, foot, or bicycle, when it is necessary.; 4. We have implemented hybrid working for all staff, supported by home equipment. We make extensive use of Teams and Zoom software for client and internal meetings and workshops minimising the need for travel.; 5. We use only cloud-based software for customer work, internal technical work and administration. We have no fixed computing equipment other than personal laptops.; 6. We operate a paper-free environment for all our assignments and internal administration, minimising waste and obviating the need for physical storage.; 7. Laptops are recycled across employees and disposed of at end-of-life in line with current UK Environmental legislation.; 8. We ensure our suppliers have a suitable environmental policy, actively targeting carbon-neutrality as soon as possible and before 2030.
• Equal opportunity:

  Equal opportunity

  We strive to ensure Mozaic is an equitable, diverse and inclusive workplace and to provide a working environment that is free from discrimination at all times. We have a zero-tolerance approach to discrimination. Our aims are supported by our EDI Policy which applies to everyone who works for or acts on behalf Mozaic and commits: ; 1. To provide equality fairness and respect for all staff and recognise and value differences and the contributions of all team members. ; 2. To not tolerate any form of intimidation, bullying or harassment, and to discipline those that breach this policy. ; 3. To make training, development, and progression opportunities fairly available to all staff. ; 4. To promote equality in the workplace not providing less favourable facilities or treatment on grounds of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, ethnic origin, colour, nationality, national origin, religion or belief, or sex and sexual orientation. We will identify and provide special equipment if needed to ensure equality.; 5. To encourage anyone who feels they have been subject to discrimination to raise their concerns. ; 6. To regularly review employment practices so that fairness is always maintained. ; This policy is communicated with Mozaic staff, associates, and subcontractors as part of formal onboarding to both the organisation. We collect data on EDI as part of onboarding. We measure and report quarterly against our EDI KPIs. ; Policies, processes, and education are in place to support legal compliance. We audit compliance annually and take actions to correct and continuously improve. Our management training includes safeguarding awareness of signs of abuse based on SCIE guidelines. Staff are encouraged to report any concerns which are investigated, and action taken. Senior leaders and staff have responsibility to demonstrate diversity and inclusion behaviours in all engagements.
• Wellbeing:

  Wellbeing

  Mozaic is committed to supporting the Health and Wellbeing of our staff and Associates. ; We have appointed a Wellbeing Lead to drive organisation wellbeing objectives and we have two fully accredited Mental Health First Aiders. We encourage physical activity and hold and sponsor regular team charitable events involving physical activity such as running, cycling and obstacle events. Our workforce is encouraged to cycle and are provided with cycle to work scheme, gym membership and on-line meditation and relaxation techniques.; Our health-care scheme is comprehensive and includes yearly medical and well-being assessments.; We offer all staff and associates flexible working arrangements and provide risk assessments for working at home, free eye tests and additional nutritional, physical and mental wellbeing advice, guidance and support. We encourage staff and associates to take breaks and move about during the working day and we monitor and ensure that our staff take their leave allowances and that our associates build in time off within their contracted delivery.; We make it clear to staff and associates that we are concerned about any well-being, disability or mental health issues they may have and encourage them to raise and with any additional support the company can provide, on a voluntary basis in a well-defined discrete process.; Our Health, Safety and Wellbeing policies align to latest government legislation and are reviewed at least yearly at Board level and are improved and updated as required.; Mozaic is also committed to encouraging a supportive and inclusive culture amongst its workforce and are proud that our workforce is diverse in terms of experience and background. This policy encourages a positive and inclusive culture in which everyone is valued and, we believe, is happy to work.

Pricing

• Price: £400 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at aileen.coull@mozaic.net. Tell them what format you need. It will help if you say what assistive technology you use.