ADVANIA UK LIMITED

Governance, Risk and Compliance (GRC) Services

Advania's Cyber GRC team delivers a portfolio of consultancy services, including information advisory and assurance to enable the remediation and identification of security risks. Ensure effective governance, enterprise risk management and compliance with regulations. Align with recognised standards: NIST, HMG Security Policy Framework (SPF), Cloud Security Principles, ISO 27001, etc.

Features

• Security Framework Gap Analysis and implementation
• NCSC 10 Steps, ISO 27001, NIST Cyber Security Framework Aligned
• Cyber Operating Model
• Risk Management
• vCISO Services
• Supplier Audits
• Policy Development across all aspects of GRC
• Security Incident Management Policy development
• Create Run Books and provide Testing Services
• Effective GRC knowledge transfer to your organisation

Benefits

• Give comprehensive oversight of culture, process, and technology
• Proactively review client's security posture and provide remediation strategies
• Complete overview of current state of information security
• Identify current open risks that may pose a threat
• Establish and maintain a Governance Framework
• Enable GRC automation to achieve significant monetary savings
• Prioritise and plan the implementation of GRC recommendations
• Ensure consistent results through an integrated GRC solution
• Establish continuous improvement process of control implementation
• Demonstrate compliance to external and third party auditors

£550 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@advania.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

871558505693838

Contact

Will Tuson
+44 203 835 7332
bids@advania.co.uk

Planning

• Planning service: Yes
• How the planning service works: We use technical tools to map out your technology estate and conduct interviews/workshops with technical and business stakeholders to plan a migration path which maximises cloud value to your organisation. We work with you to understand the detailed requirements for each application/service and match these to the capabilities of appropriate cloud environment(s). We design the target cloud environment to meet your requirements for connectivity, security and availability, ensuring all dependencies and constraints are factored in.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with: All Content+Cloud services

Training

• Training service provided: Yes
• How the training service works: We will work with you to define the training plan and specific delivery methods (e.g. classroom training, webinar, white-glove) either off-the-shelf or bespoke, that is required to ensure that your users get the maximum value out of the cloud application/technologies implemented. ; ; In instances where we have implemented a solution, we provide full knowledge transfer aimed at supporting the solution or service as it transitions into production within the customers environment. The form of knowledge transfer will vary depending upon the customers’ requirements and audience. Typically, we will include one-to-many online training sessions, documentation including video tutorials, knowledge articles in our service desk or the customers and one-to-one coaching.
• Training is tied to specific services: Yes
• Services the training service works with: All Content+Cloud Services

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: We have experience of migrating systems, users and data to the cloud. We have developed a variety of approaches to ensure the integrity of your data and the quality of the system(s), measured against defined user needs and acceptable performance metrics. We can help you evaluate options for migration to IaaS, PaaS & SaaS services, and build business case / cloud programme materials/plans. The service can be tailored to deliver just the specific items that your organisation needs.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: We offer quality assurance for both our own work and our clients by providing expertise to perform, where appropriate, architectural and technical reviews of existing and to be environments, code reviews and signoff. Before allowing a product to exit the Early Life Support (ELS) period we use an array of tests, defined specifically for individual services, that validate operational performance that meet the defined and agreed standards. The objective of the ELS service is to ensure the project can continue to migrate at the necessary velocity, whilst reducing operational risk.The ELS Service can be provided as part of our suite of services and is designed to ensure that services migrated or deployed new to Microsoft Cloud are quality assured and performing as expected before the exit of a project phase and move into BAU Support.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Enterprise Mobility + Security consulting
  • Microsoft Cloud Security consulting
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme

Ongoing support

• Ongoing support service: Yes
• Types of service supported: Hosting or software provided by your organisation
• How the support service works: Content+Cloud supports the Cloud platforms and any technology used during the Consultancy engagement until the statement of work/call-off contract is complete.

Service scope

• Service constraints: Content+Cloud will deliver the requirements within the scope documented in the statement of work / call-off contract. The addition of new requirements or a broader scope will result in contract changes which may incur additional cost.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Tickets are responded to on a priority basis. Initial responses are tied into our response SLAs, however response times for general questions are not targeted. Response times at weekends will depend on whether weekend support is taken up.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: Our service desk puts an experienced team of highly-qualified engineers at your disposal. We have an enviable reputation for providing the kind of support your employees really want. Our service is flexible and scales all the way up to a 24/7/365 support which is a true round-the-clock, enterprise-grade managed support service to ensure that the requisite expertise is on hand day or night to act swiftly should the unexpected happen.; ; Our support levels vary depending on the service wrapper under which you are consuming support. Our support levels vary from 1st to 4th line support. We offer remote support as well as dedicated onsite multi-skilled teams. Both remote and onsite teams are made up of Cloud Solution Architects, Cloud Infrastructure Engineers, Cloud Platform Engineers, Operating System (Windows & Open Source) & Application Support specialists skilled to various levels dependent on customer requirement. Our standard support also includes Service Delivery Managers, Technical Account Managers, support engineers and a 24/7 Network Operations Centre. We provide flexible charging models for support that facilitate fluctuations in demand for both business-as-usual support and continuous improvement initiatives.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Citation ISO Certification Limited
• ISO/IEC 27001 accreditation date: 11/01/2024
• What the ISO/IEC 27001 doesn’t cover: Nothing
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: ISO9001

Social Value

• Social Value:

  Social Value

  Fighting climate change

  Fighting climate change

  Fighting climate change; We recognise that digitalisation has an important role to play in the transition to a climate-smart society, while IT companies such as Advania have a responsibility to help minimise the negative climate impact that the use of IT entails.; ; We focus on taking responsibility for our own operations as well as influencing Buyers on all call-off contracts under the framework to make more sustainable choices, for example moving away from the linear IT Hardware model of produce, use and dispose to a more circular approach including responsible reuse-and-recycle procedures at the end of the hardware lifecycle.; ; Carbon Emissions: We are committed to continuous reduction of our carbon footprint. Our Environmental Policy includes provisions around minimising our emissions by a smart approach to travel and printing, lowering the use of electricity, water, heating, and promoting climate change and sustainability charity/community work. We are aiming to reduce this by 5% over the next year and are committed to achieving Net Zero emissions by 2050.; ; Hybrid Working: We have implemented 80% working from home policy for all employees. Where needed/agreed with the Buyers, Advania resources will be working onsite.; ; Travel: We encourage staff to use technology wherever possible. Where travel to the client site is required, we will require all staff to consider alternative transport options and optimise car sharing.; ; Reducing IT waste: Our Equipment Recycling Policy ensures hardware devices like laptops and desktops are managed throughout their lifecycle. When devices are replaced, they are either transferred to our recycling centre or donated to local charities post data sanitisation.; ; Sustainability Training: Our proactive approach towards environmental stewardship incorporates training on sustainable practices at all operational levels. We actively raise staff awareness through online training on environmental impacts and sustainability benefits.

Pricing

• Price: £550 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at bids@advania.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.