iomart Managed Services Limited

Cyber Security Risk Assessment

iomart’s comprehensive cyber risk assessment / cyber health check identifies, evaluates, and prioritises potential cyber security risks to your organisation. Through in-depth analysis of your systems, processes, and controls, we provide actionable recommendations to mitigate risks, strengthen security posture, and ensure regulatory compliance, safeguarding your critical assets and business continuity.

Features

• Identify vulnerabilities that could be exploited by malicious actors.
• Model and assess threats, evaluating likelihood and impact.
• Develop and implement robust security controls.
• Review compliance with relevant data protection regulations and standards.
• Review incident response ensuring readiness to detect, respond, recover.
• Assess adequacy of cyber security training programs to educate employees.
• Includes targeted assessment of infrastructure to identify vulnerabilities and mis-configurations
• Recommending risk mitigation strategies, remediation plans and control enhancements.
• Comprehensive reporting of findings, risks, and recommended actions.
• Recommendations including prioritized investment road-map and strategy.

Benefits

• Identify vulnerabilities before they can be exploited by cyber threats.
• Gain clear understanding of most critical risks facing your organisation.
• Enhance security posture with actionable intelligence to strengthen security controls.
• Ensure compliance with relevant industry regulations and standards.
• Safeguard critical assets including data, intellectual property and customer information.
• Mitigate threats disrupting operations, damaging reputation, resulting in financial loss.
• Develop a proactive approach and cyber resilient operation.
• Provide stakeholders with comprehensive risk information supporting decision-making
• Evaluate cyber security risks posed by third parties and suppliers
• Establish ongoing risk motioning and assessment enabling continuous improvement.

£18,000 a unit

• Education pricing available

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@iomart.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

997222021777952

Contact

Seema Griffiths
0800 040 7228
gcloud@iomart.com

Planning

• Planning service: Yes
• How the planning service works: Iomart provide comprehensive planning services to reduce the risk for your organisation. Our experts assess your current infrastructure, analyse requirements, and develop a detailed road-map outlining steps, resources, and timelines. This strategic approach minimises risks, optimises costs, and ensures seamless cloud or software service implementation while aligning with your business objectives.
• Planning service works with specific services: Yes
• Hosting or software services the planning service works with:
  • VMware
  • Microsoft Azure
  • Google

Training

• Training service provided: No

Setup and migration

• Setup or migration service available: Yes
• How the setup or migration service works: Our Cyber Risk Assessment identifies the risks involved in a move to the cloud or between cloud services. It can be a standalone service or part of a wider migration strategy.; ; Assessment: iomart assesses your environment, workloads, data, applications, and dependencies to understand your requirements and constraints.; ; Migration Strategy: iomart develop a tailored migration strategy that considers downtime, security, compliance, and business continuity. We evaluate different approaches (rehosting, re-platforming, refactoring) and cloud deployment models (public, private, hybrid).; ; Cloud Selection: Our experts help you choose the right cloud service, such as performance, scalability, cost, and integration with existing systems.; ; Migration Planning: We create a plan outlining phases, timelines, resources required, and risk mitigation strategies. This includes data migration, application migration, testing, and cutover plans.; ; Proof of Concept: optional pilot migration to validate the approach and identify potential issues before the full-scale migration.; ; Execution: Our team manages the end-to-end migration process, ensuring minimal disruption to your business operations. We handle provisioning cloud resources, data transfer, application deployment, and testing.; ; Optimization: After migration, we help optimize your cloud environment for performance, cost, security, and scalability, leveraging best practices and automation.; ; Knowledge Transfer: We provide comprehensive knowledge transfer and training to your team.
• Setup or migration service is for specific cloud services: Yes
• List of supported services:
  • VMWare
  • Microsoft Azure
  • Google

Quality assurance and performance testing

• Quality assurance and performance testing service: No

Security testing

• Security services: Yes
• Security services type:
  • Security strategy
  • Security risk management
  • Security design
  • Cyber security consultancy
  • Security testing
  • Security incident management
  • Security audit services
• Certified security testers: Yes
• Security testing certifications:
  • CHECK
  • CREST

Ongoing support

• Ongoing support service: Yes
• Types of service supported:
  • Buyer hosting or software
  • Hosting or software provided by your organisation
  • Hosting or software provided by a third-party organisation
• How the support service works: After the assessment, if you would like support migrating to or managing cloud hosting and software services we can help through the following. ; Cloud Strategy Consulting: Our experts help define your cloud strategy, evaluating requirements, workloads, and existing infrastructure to recommend the best cloud service providers, deployment models and migration approaches.; Cloud Migration Services: We plan and execute end-to-end cloud migrations, including assessment, migration planning, data transfer, application migration, testing, and cutover. ; Cloud Architecture and Design: Our cloud architects design and build secure, scalable, and high-performing cloud environments. ; Cloud Optimization and Cost Management: We continuously monitor and optimize your cloud deployments for performance, security, and cost-efficiency, implementing auto-scaling, rightsizing, and cost optimization strategies.; Cloud Security and Compliance: Our team can implement robust security controls, access management, data protection, and continuous monitoring.; Cloud Managed Services: We offer comprehensive managed services for your cloud infrastructure, including 24/7 monitoring, patching, backup, disaster recovery, and incident response. ; Software as a Service (SaaS) Integration: We assist in integrating and customizing SaaS solutions, ensuring seamless integration with your existing systems, data migration, and user adoption.; For organizations with multiple cloud or hybrid cloud environments, we provide unified management, governance, and orchestration across different cloud service providers.

Service scope

• Service constraints: None

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: SLA aligned with iomart standard terms and conditions.
• User can manage status and priority of support tickets: Yes
• Online ticketing support accessibility: None or don’t know
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Support levels: Support for this service would be defined and included within the project cost.

Resellers

• Supplier type: Reseller providing extra features and support
• Organisation whose services are being resold: Reliance Cyber

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: ISOQAR
• ISO/IEC 27001 accreditation date: 27/10/2023
• What the ISO/IEC 27001 doesn’t cover: Iomart's Statement of Applicability excludes the following controls: - A.6.1.4 Contact with special interest groups - A.14.2.7 Outsourced development - iomart does not outsource software development - A.14.3.1 Protection of system test data - only artificially generated data is used for testing purposes
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: Yes
• Who accredited the PCI DSS certification: One Compliance Cyber Ltd
• PCI DSS accreditation date: 23/02/2024
• What the PCI DSS doesn’t cover: Hosting provider: - application / software - hardware - infrastructure / network - physical space (colocation) - storage - web - security services - share hosting provider Managed Services - systems security services - IT support - physical security - other services (PCI Compliant Infrastructure as a Service)
• Cyber essentials: Yes
• Cyber essentials plus: No
• Other security certifications: Yes
• Any other security certifications:
  • Police Assured Secure Facility
  • NHS Data Security & Protection Toolkit

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  iomart recognises the environmental impacts of our business operations and continually seeks to minimise this impact with a commitment to achieving Net Zero by 2050, or earlier. To control and reduce our environmental footprint, iomart implemented a sustainability and energy efficiency programme aligned with a number of the UN Sustainable Development Goals, specifically #13 – Climate Action, which aims to take urgent action to combat climate change. This programme complies with the requirements of ISO 14001:2015 and ISO 50001:2018, which form the basis of iomart’s Energy Management and Environmental Management Systems, respectively. As part of this programme, iomart: • Partners with Schneider Electric to establish carbon reduction targets and implement a roadmap to reduce our overall emissions in alignment with UK Government targets • Purchases Renewable Energy Guarantees of Origin (REGO) certified renewable energy across our entire UK data centre estate, resulting in a 99% decrease in total carbon emissions under the market-based reporting approach since our benchmark year of FY21 • Continues to meet the UK Government Streamlined Energy and Carbon Reporting (SECR) requirements, including energy use and carbon emissions information in its annual report • Carries out assessments under the Energy Savings Opportunity Scheme (ESOS), administrated by the Environment Agency to identify tailored measures to save energy and achieve carbon savings • Operates an ongoing programme of energy efficiencies across its data centre estate, including the installation of LED lighting and the upgrade of UPS battery power systems • Has relocated its headquarters to a more sustainable premises with green commuting encouraged • Maintains responsible business operations including recycling/segregation of waste, considering environmental factors during the procurement process and encouraging employee involvement in energy efficiency improvement initiatives • Is rolling out new initiatives to reduce environmental impact, including the installation of solar panels at its flagship data centre

  Covid-19 recovery

  iomart recognises the continued impact of Covid-19 on communities, businesses and staff. Having implemented a Business Continuity Plan aligned with ISO 22301 best-practice guidelines, iomart was able to seamlessly transition to a remote working policy for the majority of employees at the start of the global pandemic. Safe working practices were introduced for those working at our data centre sites to support Critical National Infrastructure during this time. Reflecting on this era, iomart recognised that many employees value the ability to work from home. In response, iomart introduced a hybrid working policy in order to balance the needs of the business with the flexibility for employees to work both from the office and remotely. As a managed services provider, iomart continues to provide the necessary infrastructure and support to many customers which allow them to offer their staff remote and hybrid working, enjoying the same benefits as many iomart employees. Having provided many customers with financial initiatives to delay invoice payments during the pandemic to help with their cashflow, iomart played a pivotal role in ensuring that a significant number of small and medium business continue trading today and continues to work closely with them to provide business-critical services. iomart continues to partner with the organisation Business Volunteers to support various charities within the local communities in which it operates. Through numerous volunteering engagements, iomart employees have supported a food-growing charity to encourage families to get outdoors, exercise and grow healthy food. They have contributed towards the rejuvenation of the site with a new seating space and raised beds, repairing compost bins and digging up areas that had overgrown. Our teams have also volunteered at a food bank warehouse, taking in food and household items and distributing parcels to local organisations that provide essential support to families, post Covid-19.

  Tackling economic inequality

  iomart takes its responsibility in this areas very seriously and is committed to acting ethically and with integrity in all of our business relationships. This commitment and subsequent efforts to operate responsibly are fulfilled through the operation of corporate governance processes and ISO-certified business procedures. iomart has implemented robust controls and checks, including continual monitoring, to ensure that there is no modern slavery or human trafficking in its supply chain or in any part of the business. We conduct internal risk and material assessments within our supply chain, requiring suppliers to undergo a due diligence process prior to product or service provision. Employees are paid fairly, with salaries paid directly into their own bank accounts. Cyber security risks are identified and managed via iomart’s Information Security Management System which is based on the requirements of ISO 27001, an internationally-recognised standard governing the protection of personal records and sensitive information. Conformity with this rigorous security standard is monitored continuously and assessed by iomart’s UKAS-accredited certification body, providing external assurance of the controls validated. iomart operates an Equality, Diversity and Inclusion programme which is aligned with the United Nations Sustainable Development Goal #8 - Decent Work and Economic Growth – which promotes sustained, inclusive and sustainable economic growth, full and productive employment and decent work for all. Actions and initiatives to support this goal include: • Mentoring partnerships with MCR Pathways, supporting equality of education outcomes, career opportunities and life chances • Regular engagements with SmartSTEMs, a charity which aims to provide equity of access and opportunity for all young people to STEM education and career opportunities • Partnership with and recruitment via Generation, a non-profit organisation transforming education to employment systems to prepare, place and support people into life-changing careers that would otherwise be inaccessible

  Equal opportunity

  iomart is committed tackling workforce inequality. Closely aligned with the United Nations Sustainable Development Goal #5 - Gender Equality, which aims to achieve gender equality and empower all women and girls, iomart’s approach aims to shine a spotlight on diversity, inclusion, belonging and talent whilst ensuring our policies, recruitment and frameworks are free from bias. To achieve this, iomart: • Operates a diversity and inclusion strategy devised to reduce any real pay gap in the longer term, with an annual Gender Pay Gap report published annually • Has implemented measures to monitor key demographic data, which allows us to set targets to improve representation in key areas • Continues to refresh and expand our employee networks, working towards a gender balance of 30% female representation by 2030 whilst tracking diversity statistics to ensure informed decision making across the business. • Partners with Empowering You, an organisation aiming to build an empowered community of diverse, authentic and confident leaders who can inspire a meaningful and sustainable cultural shift that benefits their organisation, wider industry and society at large • Has implemented an Equal Opportunities Policy in accordance with the Equality Act (2010) • Provides training for managers to better understand neurodivergent and disabled employees’ needs • Publishes a statement on Modern Slavery in accordance with section 54(1) of the Modern Slavery Act 2015, reflecting iomart’s commitment and efforts to operate responsibly • Redacts demographic information from CVs to reduce unconscious bias during the recruitment process • Operates a flexible working policy to promote a healthy work-life balance whilst allowing staff to fulfil other duties outside the workplace such as childcare and supports them working to their individual strengths

  Wellbeing

  iomart promotes the wellbeing of our people though a number of employee benefits and initiatives that impact physical and mental health. These include: • An Employee Assistance Programme with 24/7 support • A cycle to work scheme, with Head Office facilities designed to encourage green commuting • Enhanced benefits with length of service, such as medical and dental cover • Neurodiversity training • Flexible and hybrid working policies to promote a healthy work-life balance This commitment to wellbeing is extended throughout our local communities whereby iomart actively participates in charity engagement and volunteerism. Through our partnership with Business Volunteers, iomart works with local charities to support strong, integrated communities. We began hosting Volunteer Days at our Glasgow and Manchester sites in 2021. We have cooked and served Christmas dinners vulnerable people in Manchester and volunteered at the Glasgow Community Garden Trust to support a food-growing charity in encouraging families to get outdoors, exercise and grow healthy food. Employees helped to rejuvenate the site with a new seating space and raised beds, repairing compost bins and digging up areas that had overgrown. Additionally, iomart worked with FareShare UK to help deliver food that would prepare 40,000 meals for people in need. To further promote the physical health and wellbeing of staff and the wider community, iomart seeks to develop more sustainable business operations intended to reduce its environmental footprint.

Pricing

• Price: £18,000 a unit
• Discount for educational organisations: Yes

Service documents

• Pricing document

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@iomart.com. Tell them what format you need. It will help if you say what assistive technology you use.