All organisations responsible for holding and processing government information must comply with the relevant security standards and guidance – managing the risks to that information such that systems processing it can be accredited.
Commercial organisations are no less bound by national and industry regulation and standards, in particular around protecting personal data from cyber criminals.
Our consultants possess a deep understanding and practical experience of ensuring a wide range of standards are met, and that organisations operate in alignment with applicable security policies.
We perform ‘gap analysis’ against national and corporate standards, and provide guidance on what our customers need to do to achieve accreditation, certification or to align themselves more closely with industry best practice.
QinetiQ’s G-Cloud services
G-Cloud is bringing fundamental changes to the delivery of ICT systems and services to the UK public sector, as organisations transition towards more flexible and cost-effective information- and service-centric cloud computing solutions. The new multi-tenant and multi-access environment introduces new security challenges that need to be managed effectively.
QinetiQ is working with a number of G-Cloud service providers and customers to support them through the process of gaining accreditation for their underlying infrastructure, management systems and cloud services.
We conduct this through the G-Cloud Accreditation process, in agreement with the Pan Government Accreditor (PGA) who acts on behalf of the Public Sector Accreditation Board (PSAB). The process includes the production of structured RMADS, threat and risk assessments, BCS compliance, CoCos and SyOPs.