Sweethaven

Cyber Essentials Plus Audit

The audit includes an internal and external vulnerability scan of your on-premise & cloud infrastructure and then focuses on a random selection of user devices, all internet gateways and all servers which are accessible to internet users. The Assessor will test a random sample of these systems (typically around 10%).

Features

• Access to the IASME Cyber Essentials Portal
• Fully qualified and certified IASME Lead Assessors
• Technical assessment against the five technical controls of Cyber Essentials+.
• Vulnerability scan against public IP addresses.
• Credentialed internal vulnerability scan on sample of devices
• Checks Multi Factor Authentication (MFA) is enabled and fully functioning.
• Ensures all users can securely work, teach and learn online
• Mitigate against the risk posed by common cyber threats
• Implement secure configuration practices across your organisation
• Deliver excellent, recognised standard of cybersecurity across your organisation.

Benefits

• Stronger cybersecurity defences against various common threats.
• Peace of mind: no hidden vulnerabilities exist on your network.
• Protection from malware, phishing, and hacking attempts.
• Ensures compliance with General Data Protection Regulations (GDPR).
• Demonstrates commitment to security, reassuring staff, parents and wider community..
• Unlocks potential discounts on cyber insurance premiums.
• Ensures compliance with safeguarding regulations, including KCSIE.
• Provides assurance for partners and suppliers.
• Cultivates a culture of cybersecurity awareness raising across your organisation.

£2,000 to £5,000 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commerical@sweethaven.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

905047598636173

Contact

Tommy Isaksson
01737228208
commerical@sweethaven.co.uk

Planning

• Planning service: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Sweethaven/inTEC follow the quality principles enshrined in our ISO 9001 accreditation. Within this, we have detailed and comprehensive processes for ensuring that we deliver the utmost standards of service for our customers across the work that we do. These processes are regulated by our Quality Policy, which embeds continual review of business processes and our service into everything that we do. Both within Sweethaven and across the wider inTEC Group, we have named individuals responsible for the delivery of a quality service across our sectors of work and continually report to, and consult with, our customers to ensure that their expectations are communicated and met on a regular basis.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Cyber security consultancy
  • Security testing
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • Cyber Scheme
  • Other
• Other security testing certifications:
  • Assessing GDPR as part of the IASME Standard
  • CESG Technical Cyber Auditing Course
  • IASME Assessor Training Course
  • Microsoft SC 100

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: Sweethaven and inTEC provide support services for cloud-hosted infrastructure, server workloads, platform services and software services.; Support offered can range from ad-hoc, initiative or incident-led interactions to fully comprehensive managed support services with our vendor-accredited expert technical teams and ITIL-compliant helpdesk.; Our NOC team can monitor your services 24 hours a day, 365 days a year, and in conjunction with Microsoft and Google, ensure that issues (such as resource exhaustion) are detected and resolved proactively before service is interrupted.; Using our industry-standard helpdesk and processes, we put in place management and change-control procedures to help your own teams manage cloud services effectively and safely.; Our reporting mechanisms allow us to monitor cloud resource usage in real time and, leveraging the power of AI, help with resource planning and budgeting to ensure that you are getting the most from your investment in the cloud, and not overspending on unused compute resource or storage.; Our Cloud Solution Architects support both our internal teams and customers with regular reviews of the cloud setup, bringing new trends and principles to ensure that the estate is kept fresh and up-to-date, as well as being able to provide consultancy and advice through the change control process.

Service scope

• Service constraints: As an IASME Cyber Essentials and IASME Certification Body, the Sweethaven, trading as inTEC Group, can provide Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance audits. These include: ; ; Customer consultation to communicate findings and recommended remedial actions. ; ; Following audit and implementation of remedial actions, the customer may then choose to gain Cyber Essentials and/or IASME Certification. The customer can enlist inTEC’s help with: ; ; Full submission of required documentation and proof via the assessment portal, to ensure a pass when all criteria have been met. ; ; The above is undertaken by Cyber Essentials IASME qualified assessors.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: In our organisation we put people first, and we believe that our customers deserve the fastest response possible. During our standard working hours of 08:30 - 18:00, Monday to Friday (excluding Bank Holidays) we aim to acknowledge all email queries within 15 minutes, answer telephone calls within 30 seconds, and where an immediate answer cannot be given, respond to non-technical queries within 1 business day. Technical issues and change requests are always responded to within the relevant SLA period.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Our support is based upon the fundamental principle that all customers should receive equally excellent service, and as such we offer one tier of service.; Our service is provided using industry-standard ITSM platforms using ITIL-based processes.; You will be assigned a dedicated Relationship Manager who will be the main contact with your organisation, as well as a dedicated Project Manager and a dedicated Senior Cloud Engineer.; Support for our services is included within our product fee with no additional cost for duration of the service.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: IASME

Staff security

• Staff security clearance: Staff screening not performed
• Government security clearance: None

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • IASME Cyber Assurance Level 1
  • IASME Cyber Assurance Level 2
  • IASME Quality Principles

Social Value

• Social Value:

  Social Value

  Wellbeing

  Wellbeing

  Our Cyber Essentials Plus Audit package supports organisations to become more secure against the threat of cyber attacks, providing them with an additional layer of operational security and stability. This stability provides for the wider wellbeing of our communities, as it helps to prevent harmful data loss, financial loss and widespread fear and uncertainty that can be caused by cyber attacks.; ; By supporting the cultivation of a wider cyber security awareness within an organisation, we can support more individuals to have better awareness and understanding of good cyber security practice, allowing them to protect themselves and colleagues to a greater standard as well as easing some of the anxiety associated with cybersecurity. This can also help to move organisations toward a greater common acceptance of good cyber security practice, even where it may cause minor inconvenience to users.; ; Our Audit will ensure that you can work confidently during the day and rest easy at night, knowing that our cyber security experts have identified - and are rectifying - any vulnerabilities across your IT. This expertise can therefore help to alleviate a major source of workplace stress by bringing potential unknowns to light.

Pricing

• Price: £2,000 to £5,000 a unit
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commerical@sweethaven.co.uk. Tell them what format you need. It will help if you say what assistive technology you use.