Cyber Security Associates Ltd

ISO 27001 Services

ISO 27001 services to include ISO 27001 gap analysis, ISO 27001 certification programmes, ISO 27001 internal audit and ISO 27001 maintenance and support. Our ISO 27001 consultancy is delivered by ISO 27001 lead auditors and implementers with decades of experience.

Features

• ISO 27001 Certification Programme
• ISO 27001 Consultancy
• ISO 27001 Support
• ISO 27001 Gap Analysis
• ISO 27001 Internal Audit
• ISO 27001 Implementation
• ISO 27001 Information Security Management System Definition
• ISO 27001 Training
• Information Security Management System Implementation

Benefits

• Improves security posture
• Streamlines compliance
• Align to industry best practice
• Market differentiator
• Facilitates commercial growth
• Security improvement
• Risk reduction

£900 to £1,400 a unit a day

• Education pricing available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@csacyber.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

971360891270204

Contact

Commercial and Sales Team
+44 (0) 300 3034691
commercial@csacyber.com

Planning

• Planning service: No

Training

• Training service provided: Yes
• How the training service works: We provide ISO 27001 training to stakeholders of all levels, inclusive of general security awareness training, targeted training for high risk and specialist roles, c-level and executive stakeholder training, in addition to training subject matter experts on managing the Information Security Management System (ISMS) effectively. Our "train the trainers" approach ensures longevity in the training programme, and all materials can be provided to future employees through recordings and documentation. All training services are provided by ISO 27001 lead auditors and implementers with decades worth of experience in ISO 27001.
• Training is tied to specific services: No

Setup and migration

• Setup or migration service available: No

Quality assurance and performance testing

• Quality assurance and performance testing service: Yes
• How the quality assurance and performance testing works: Quality assurance and performance testing of the Information Security Management System (ISMS) is included within our implementation services packages. As part of the implementation, we ensure all deliverables are subject to quality assurance processes and that performance of the ISMS is tested before go-live.

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
  • Other
• Other security services:
  • Managed Security Operations Centre (SOC) and MDR Service
  • Vulnerability Scanning and Assessment
  • Supplier Assurance
  • Cyber Security Assessment
  • Penetration Testing
  • PCI-DSS Consultancy
  • Incident Response
  • Red Team Cyber Engagement
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST

Ongoing support

• Ongoing support service: No

Service scope

• Service constraints: Services can be provided remotely or in-person, dependent on the clients needs. Our services are priced to include all aspects of delivery including oversight, project management, operations and quality assurance to ensure there are no hidden costs.

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Our consultants are available to respond to any queries you have regarding your ISO 27001 programme and will respond within one working day for any queries.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Support levels: Our consultancy support levels are included within our pricing and include account managers and technical consultants available to support with queries related to the service during core business hours. Additionally clients have access to our customer success team who provide support regarding scheduling and general project progression.

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Conforms to BS7858:2019
• Government security clearance: Up to Security Clearance (SC)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: Alcumus ISOQAR
• ISO/IEC 27001 accreditation date: 15/08/2022
• What the ISO/IEC 27001 doesn’t cover: The certification covers the entire organisation.
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications:
  • ISO 9001 Certification
  • ISO 27001 Lead Auditors
  • ISO 27001 Implementers
  • Microsoft Solutions Partner for Security (Threat Protection Specialism)
  • Microsoft Solutions Partner for Security (Cloud Security Specialism)
  • IASME CE & CE+ Assessors
  • QSAC

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  The environment and climate change is a core value within CSA, some of the initiatives are as follows: Company Ride to Work scheme in place to encourage less car use. We have moved to hybrid working to reduce carbon fuels on the commutes and have a wider range of distributed offices to enable staff to work in an office closer to home. All cleaning materials are eco products. We have dramatically reduced all forms of travel and invested in high quality video conferencing facilities. CSA has moved a paperless environment and moved all IT infrastructure from on premise to the cloud.

  Covid-19 recovery

  Prior to the Covid-19 pandemic starting we had already established remote working practices which were cyber secure, these were shared with local businesses as a free resource. We developed various policies for our staff to ensure a safe working environment and shared these with other businesses through social media. We held several mental health initiatives for our staff to ensure that they weren't isolated, including regular social evenings and events held online. We continued to recruit during the pandemic and used online interviews and meetings to both select and on-board new employees into the company. CSA continues to employ a geographically dispersed workforce post the pandemic, so regular communications and updates is a core part of our ways or working.

  Tackling economic inequality

  We have increased our staff numbers by over 50% during the pandemic, with remote working we were able to advertise and recruit from of different demographics. Our staff are now extremely diverse in every area, but especially neurodiversity, as much of our work benefits from lateral thought. We spread our recruitment nets wider and have taken on people without a background in cyber and trained them. We provide free support into the local Gloucestershire Local Enterprise Partnership and advise smaller businesses on their cyber security posture without having to break their budgets. Finally, CSA is an active member of Cyber First, promoting cyber into local Schools and actively encourages ‘work experience’ students for a week of immersive training with CSA.

  Equal opportunity

  CSA has a varied and diverse workforce and embraces the strengths of every individual within the company. Mental health is also championed within the organisation along with other minority groups, with centralised training and support available for all employees. The nature of cyber is that physical disability is not an issue for us and often neurodiversity is a great benefit as the analysis of threat actors who are attacking networks requires a variety of perspectives. Our recruitment process is fully transparent to ensure there is no prejudice in selection. Every individual is given the same opportunity to join CSA through a series of technical interviews and remote face to face interviews. All suppliers are vetted to ensure that there is no possibility of modern slavery and all CSA staff are paid above the minimum living wage.

  Wellbeing

  CSA recognise that the support of health and wellbeing is essential in any modern business. CSA hold regular events which promote health and wellbeing and provide free online resources and access to Group HR to ensure everyone is aware on what they can leverage if support is needed. Throughout the year we hold various remote social events to ensure that those remote working members of staff are not excluded from activities which are regular and varied. We have a dedicated Employees Forum who work with the Managing Director to suggest and implement areas that will benefit all employees. CSA provides the Chair role on the Gloucestershire Local Enterprise Partnership Cyber Tech Group which advises other businesses on the cyber threat and ways of staying safe against cyber crime.

Pricing

• Price: £900 to £1,400 a unit a day
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at commercial@csacyber.com. Tell them what format you need. It will help if you say what assistive technology you use.