QinetiQ’s expert security consultants help organisations plan, validate, design and prepare information assurance regimes to counter threats to business confidentiality, operational reliability, information integrity and system availability.
Customers benefit from:
A focused cyber security policy for protecting information assets that supports business or operational objectives
A cyber security strategy for implementing it, and
Operational plans to manage it
Our service addresses corporate governance, operational objectives, internal and external controls, risk assessment and management, compliance with technical and legal regulations, and the application of secure technologies.
QinetiQ’s information assurance consultants:
Capture requirements and define the context – determining priorities and concerns, objectives, processes and culture, threats, potential impact and organisational structure. This results in a focused understanding of where and how information assurance measures will have the greatest benefit.
Develop and benchmark the security policy and strategy – starting with an overarching policy, strategy and supporting organisational infrastructures, then developing a detailed policy and strategy for individual units/departments or information systems.
Design a system architecture, or assess an existing one – ensuring it supports objectives and incorporates appropriate processes, procedures and technologies to implement the policy and strategy.
Assist with the roll-out and ensure intended business benefits are realised – we help implement the new information assurance regime, or benchmark the status of a current system against recognised standards. We also devise and deliver training and awareness packages to involve and inform staff.
Support the achievement and maintenance of technical and legal compliance – ensuring continuing regulatory compliance and system accreditation.
To achieve a solution that is fit for purpose, we incorporate recognised international information security standards such as the Standard of Good Practice from the ISF and the ISO27000 series of standards, together with security standards appropriate to the customer’s industry.
We also have people who know how to support G-Cloud suppliers and customers through the process of assurance and accreditation of their underlying infrastructure, management systems and cloud services through the Pan Government Accreditation regime.