Resillion

Security Policy Framework (SPF) Compliance Consultancy

Consultancy to assist with compliance with all areas of SPF such as GovAssure, NIST, ISO, CE, CE+

Features

• Onsite consultancy
• Gap Analysis
• Holistic Security Review
• Security risk management consultancy
• Controls implementation support
• Template documentation
• Assistance with writing business process & policy

Benefits

• Compliance with SPF
• Assurance to DSO and senior management that organisation is secure
• Assurance to public and wider Government of security

£875 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alexander.northwood@resillion.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

909931409195975

Contact

Alex Northwood
0121 663 1026
alexander.northwood@resillion.com

Planning

• Planning service: Yes
• How the planning service works: Independent planning advice around assurance of data and infrastructure architecture, providing assurance to service users and providers that data is secure. Advice around data segregation, user identity and access management, multi-factor authentication, secure private and public cloud implementation.
• Planning service works with specific services: No

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Secure migration consultancy services, cloud service provider security auditing & assurance and review services, cloud infrastructure and application architecture security testing and review services.
• Setup or migration service is for specific cloud services: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Resillion provide software performance, load and quality assurance testing utilising both proprietary and open source tools. Test teams can be embedded or remote and we can provide single testers or large teams for larger projects or fast turnaround times.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST
  • Tigerscheme

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: UK-based, normal working hours (9am-5:30pm, Mon-Fri, excluding public holidays) unless otherwise agreed.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: 4 hour email response during normal working hours. Weekend support hours need to be agreed per contract.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Support level provided includes unlimited remote support including telephone and web, onsite support for incident response. Multiple levels are offered ranging from next business day to best efforts.; Costs vary depending on contract.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus
• ISO/IEC 27001 accreditation date: 25/02/2019
• What the ISO/IEC 27001 doesn’t cover: N/A
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  Resillion encourages all its staff to ‘think’ green (e.g. cycle to work). We have introduced initiatives within all Resillion offices aimed at reducing our carbon footprint and have been approved for ESOS (Energy Savings Opportunity Scheme). These include promoting a ‘print only if absolutely necessary’ policy, to reduce the need for print paper and ink cartridges. Resillion re-cycling points in our offices reduce landfill and support ‘re-use’. Our environmental policy and associated procedures cover how we improve our energy efficiency, including reducing water usage and to encourage staff to consider greener transport means/car sharing for commuting. Our ISO (9001 and 27001) processes ensure that our Environmental policies and processes are reviewed every year. Resillion commits to supporting any green or environmental initiatives promoted or implemented by our customers and clients, including Resillion employees working on local community projects.

  Tackling economic inequality

  Resillion is recognised as the testing employer of choice with an excellent reputation. We leverage this in our proactive resourcing strategy. Key aspects of this are: • An active programme of recruitment to bring new and local talent into the organisation. By implementing recruitment best practice and meeting the five foundational principles of quality work set out in the Good Work Plan, we attract great candidates from all backgrounds, minimise staff turnover and improve client project efficiency. • We source local suppliers (to each of our offices). This helps us support the local community and infrastructure and helps build a stronger economic environment within the local community as well as fostering opportunities for growth. • Our SQA Customised Award graduate programme is designed to attract new talent into the workforce. There are no barriers, and we actively encourage applications from individuals from all walks of life, no matter what their background is. • We commit to new engagement with local universities, collaborating with students on minimum 4 final year/graduate projects providing senior technical support and mentoring, computer hardware and access to software. This includes working with universities within the UK to promote awareness of careers and recruitment opportunities relating to known skills shortages concerning software testing and cyber security. • We support refugees, including those from Ukraine, Yemen, and other war-torn countries, by offering laptops so that they can take part in courses which help them get jobs and a better life.

  Equal opportunity

  Resillion is very active in progressing its diversity and BAME ratios and is compliant with all relevant legislation. This is highlighted by the following: • 44% women at Board Level across UK, 31% of our workforce is from a BAME background • Our internal recruiters have annual female, BAME and disability targets to meet • We provide fair employment terms and above National living wage for all employees • We have signed up to the Armed Forces Covenant to help create further employment opportunities and support for those Veterans and military personnel who face barriers to employment. • We have achieved the Investors in Young People Gold Award year on year since 2017 • All Employees have targets for CO2 and Diversity • We have an active Youth Forum Group supported by Director level mentors who have a direct impact on determining our approach to ongoing recruitment, training and welfare of new recruits.

  Wellbeing

  Our greatest asset is our people and we recognise the importance of employee health and wellbeing. We support our staff as follows: • Employee Assistance Program – professional counselling/mental health and wellbeing • A growing community of mental health first aiders to provide pastoral support and signposting to external support for any colleagues who require our help. We provide a confidential wellbeing address which is accessible to all colleagues – where they can reach out to a mental health first aider. • The provision of Perkbox’s ‘Wellness Hub’ which we make available to our staff and which proved invaluable as we emerged from the Covid pandemic. • Long term sickness cover – we ensure illness does not impact financial commitments or taking care of dependents • Death in service benefit – dependents receive a significant sum, making the loss less financially challenging • We undertake charity fund raisers such as the Tough Mudder 15k event. Funded entirely by Resillion we raised £1,330 towards The Aortic Dissection Charitable Trust • Cycle to work scheme – improve physical health and wellbeing • Inclusivity workshops / monthly feedback sessions • The management team discuss the importance of mental health and wellbeing at our quarterly meetings with all colleagues and importantly role model behaviours to demonstrate this, for example, avoiding meetings over lunch to enable colleague to take a physical break from their computer • We recognise that many employees have family or caring commitments that cannot always be catered for during the working day. Whilst we have commitments to our clients, we allow employees the flexibility (time-off, working from home etc) so that they can maintain a healthy work/life balance.

Pricing

• Price: £875 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at alexander.northwood@resillion.com. Tell them what format you need. It will help if you say what assistive technology you use.