BSI PROFESSIONAL SERVICES (UK) LIMITED

BSI Digital Trust - Security Testing Intelligence & Operations (STI&O) Service

BSI Digital trust (BSI) offers Penetration Testing and IT Health Check services as part of its extensive portfolio of information security assurance services, providing assurances that information assets are appropriately protected. BSI is a CHECK and CREST member company and has a substantial pool of testers holding industry recognised qualifications.

Features

• API Assessment
• Cloud Service Configuration Review
• Device Configuration Review
• Infrastructure Penetration Testing
• IT Health Check Assessment (ITHC)
• Mobile Application Assessment (iOS & Android)
• Red Teaming & Attack Simulation Services
• Social Engineering Assessment
• Vulnerability Assessment (VA)
• Web Application Penetration Testing (OWASP)

Benefits

• BSI is a CHECK and CREST member company
• IT Health Checks performed by NCSC approved CHECK Team
• Testing performed by highly skilled consultants holding industry recognized certifications
• Certified Consultants (CREST, Cyber Scheme, Offensive Security)
• Consultants have wide experience of testing for central government agencies
• Testing performed in line with BSI proven and approved methodologies
• Extensive experience working with AWS, Azure, Google Cloud and Office365
• Comprehensive report including customisable Summary of Findings spreadsheet
• All engagements include read-out call between test team and client

£1,250 a unit a day

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitaltrust.consulting.presales@bsigroup.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

875450917730234

Contact

Pre Sales
+44(0)345 222 1711
digitaltrust.consulting.presales@bsigroup.com

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security testing
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • CISSP
  • Offensive Security

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: No significant constraints on the service.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Email support is available on a 09:00 to 17:00 basis during normal business days (Monday to Friday excluding Bank Holidays).; ; Initial response will be within a maximum of 2 business days.; ; Full response within 5 business days subject to scope.; ; Additional support can be made available by arrangement.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Standard email and telephone support is available on a 09:00 to 17:00 basis during normal business days (Monday to Friday excluding Bank Holidays) with an initial response will be within a maximum of 2 business days and a full response within 5 business days subject to scope.; ; Extended support can be made available by arrangement at extra cost dependent on requirements - this can include access to either commercial, consultative or technical resource, as required.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Qualys, Zscaler, Proofpoint, Menlo, NowVertical, Druva, Okta

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Certification Europe (UK) Ltd
• ISO/IEC 27001 accreditation date: 23/10/2013
• What the ISO/IEC 27001 doesn’t cover: No exceptions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • NCSC Evaluation Partner (CAS)
  • PCI DSS - Qualified Security Assessors (QSA)

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  As opportunity accelerators in this space, we follow sustainability best practice to become our own best-in-class case study, utilizing the standards and sustainability solutions we share with our partners wherever possible. ; ; We are proud of the responsibility we have, enabling organizations to accelerate progress towards a sustainable future. Combatting climate change is one of societies top priorities, and we know that will mean profound change alongside practical problem solving. That starts by ensuring our own operations are a shining example of how we live our purpose. ; ; BSI has been a carbon neutral organisation since 2020, investing in high quality carbon credits with our partners to balance the GHG emissions that we produce in our business activities. We believe that investment in a carbon market that is transparent and credible is a meaningful tool on our path to our carbon reduction goals. We also work closely with the Integrity Council for the Voluntary Carbon Market (ICVCM) to ensure greater transparency, monitoring, and best-in-class verification, all in service of deepening trust in the systemic measures. ; ; At COP 27, BSI took a lead role with a network called ‘Our 2050 World’ to launch The Net Zero Guidelines (ISO IWA42:2022). These provide guiding principles to limit global warming to 1.5 degrees Centigrade in order to propel government and organizations to accelerate action towards a more sustainable future.; ; Our Operational Sustainability Excellence (OSE) team works closely with senior leadership at all levels to drive this. As a result, each business leader has been given their own carbon ‘budget’ for the year. This distributes sustainability ownership throughout the organisation and allows our leaders to guide carbon reduction success. ; ; It's very important that our decarbonisation strategy reflects BSI’s sustainability purpose, delivering positive impact on our society and the environment.

  Covid-19 recovery

  At BSI, our philosophy is that if we look after our people, our people will look after our clients and support each other. ; ; We focus on the physical and mental wellbeing of our people to ensure we provided support in moments which mattered most to them. A global Covid-19 working group was established to anticipate and implement practical solutions to the changing working requirements due to the pandemic. Our continuous listening strategy helped us shape our wellbeing programme. We focused on building capability globally with our certified mental health first aiders who have delivered mental health awareness training. ; ; During the pandemic, concern for BSI employee and client safety, coupled with travel restrictions and limited access to client sites, meant most of our services were challenged. To ensure the continuity of a high-quality service, BSI immediately transitioned from an onsite to a remote service delivery model with operations shifting entirely to immersive audit, certification, and consultancy delivery in less than a week. We maintained a high-quality service delivering 100% of audits remotely at the height of the covid pandemic through the use of remote technology. This rapid transition was enabled as a result of 18 months of testing and our commitment to the UN Sustainable Development Goals. Our global experts worked with our Innovation Team to test multiple hardware and software technology. This testing led to development of different levels of immersive technology, allowing BSI to support clients in most environments. Regardless of the type of audit methodology employed, our auditors continue to deliver the same high standards of service in-line with agreed service levels which is demonstrated by our high customer satisfaction scores.; ; Throughout the pandemic, our auditors achieved a Customer Satisfaction score of 9.6/10 by delivering audits remotely through the use of live web streaming technology.

  Tackling economic inequality

  BSI is dedicated to maximizing social value through our organization, particularly in addressing and mitigating economic inequality. Our strategy aligns with the Civil Society Strategy and the Public Services (Social Value) Act of 2012 enhancements, aiming to embed social value deeply within our procurement processes. ; ; We also work with Career Ready, the national social mobility charity, providing mentorships for young people, paid internships and masterclasses. In addition, we partner with Speaker for Schools to create work experience placements for young people who lack networks, creating a fairer and more level playing field for gaining quality work experiences. ; ; To tackle economic inequality globally, BSI’s International Projects team has worked in over 50 developing countries and transition economies over the last 20 years. Our interventions have been designed to help improve those countries’ quality infrastructure, trade and investment flows, and to facilitate increased opportunities for market access, and tackle crises such as the COVID-19 pandemic, by bringing procedures in line with international standards and requirements. ; ; We continue to actively seek gender balance in our candidate shortlists, spanning all roles and levels. We have made a great deal of progress in this area and have significantly improved our success rate in appointing women to senior roles over the last two years. We continue further work as we address female representation across the feeder roles to leadership. ; ; Our organisation has Silver Employer Recognition Status (Armed Forces Covenant) and employs several ex-military personal in various roles. ; ; As part of our commitment to group-wide equality and diversity, BSI monitors the terms of employment for all employees to ensure that all colleagues are being offered appropriate access to benefits, training and promotion opportunities.

  Equal opportunity

  By implementing and certifying against standards, regulation and consensus best practice BSI is a catalyst for positive change, creating an enduring legacy of improvement for our clients, their customers and society. ; ; In standards development, there has been extensive work on an inclusive standards development environment and process, enabling the development of inclusive standards and increasing the diversity (stakeholder, organization, individual) of standards-makers. ; In Assurance Services, there is pioneering work on the Prioritising People framework, inclusive approaches to commercial training and the recent success of the Inclusive Services kitemark. In Regulatory Services, diversity is at the heart of ground-breaking work on AI and medical regulation. More broadly, the brand team have been shaping conversations in the market with campaigns such as the Second Glass Ceiling and the launch of the new menopause standard. ; ; We have bold plans for diversity and inclusion inside BSI, having made important progress in recent years. We are committed to improving the gender and ethnic diversity of our leadership teams, with a particular focus on the attraction and hiring processes. We are improving our understanding of the demographic make-up of our population, as this will be a vital tool in measuring impact and progress. We are also strengthening our employee resource groups to ensure under-represented voices have more opportunity to contribute to and shape the BSI landscape. ; ; Quick facts ; BSI has three employee groups – Women’s Network, Black Alliance and LGBTQ+ ; ; Our most senior global executive leadership team is 55% female ; A ground-breaking global programme of awareness and celebration events including Deaf Awareness Week, Black History Month, International Women’s Day, Pride, Wellbeing Week, Accessibility Awareness, Faith Week.; ; We are currently building relationships with universities and scholarship foundations to help reach groups who may not traditionally consider entry to BSI to build their career.

  Wellbeing

  At BSI our people are our competitive advantage we want them to thrive by building a collaborative culture where our people are inspired and empowered to deliver our purpose. This means creating an open, inclusive, collaborative and ultimately high-performing organization. This focus on building a healthy culture is foundational in terms of our success. ; ; We established a series of colleague affinity groups and we continue to evolve our Talent and People policies. We also launched a best practice framework on workplace wellbeing, BSI’s Prioritizing People Model, and we are aligning our internal approach to this. ; Promoting wellbeing is an important strand of our activities as we continue to develop our wellbeing program, informed by our continuous listening strategy and colleague surveys. We have expanded our cohort of certified mental health first aiders and the implementation of a global service through our partners at International SOS means our employees can access support and alternative health advice if required. ; ; BSI is a participant in the United Nations Global Compact (UNGC), having been a signatory since 2018, and continues to support its principles. We do this by tackling issues in our direct operations, by using our position as the UK National Standards Body (NSB) to bring together thought leaders on these issues, and by helping our clients improve their performance in four principle areas of human rights, labour practices, environment and anti-corruption. ; ; BSI invests in a range of awareness sessions for employees covering race, gender, and sexual orientation equality and understanding bias. These are offered at regular intervals throughout the year as well as part of the initial employee induction programme. BSI also monitors the conditions of service of all employees and their progression to ensure that they are being offered the appropriate access to benefits, training, and promotion opportunities.

Pricing

• Price: £1,250 a unit a day
• Discount for educational organisations: No

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at digitaltrust.consulting.presales@bsigroup.com. Tell them what format you need. It will help if you say what assistive technology you use.