Central Government
Government security in a changing landscape.
The demands on government, non-governmental bodies and their third party commercial suppliers to prove information is appropriately secured are increasing. Any system carrying, storing or transmitting protectively marked data requires an appropriate technology and information risk management process to be carried out. This is to ensure that proportionate security controls have been applied to safeguard the system’s information assets and provide assurance to Accreditors and other key stakeholders.
In a changing Government security landscape, individuals who create and process data and documents must understand how that data should be marked and protected and implement agile, pragmatic and proportionate risk-managed controls throughout its lifecycle. Wherever there is a need for authoritative, expert advice on implementing risk management methodologies, policy or how to mark, process, handle and dispose of data in line with the GCS, our CESG Certified Professional (CCP) certified Consultants can help. Our deep industry experience and links within Government and Cabinet Office, NCSC and the wider IA community, combined with our full spectrum of independent Accreditation and Risk Management services offers you an unrivaled and compelling proposition for your cyber security needs.
As an established cyber security consultancy, we have years of experience in providing information assurance advice to government and third-party commercial suppliers in line with best practice, GovAssure, HMG Policy and Standards and the Security Policy Framework, and our CCP Consultants have a 100% record in successful system accreditations.
HMG Technology & Information Risk Management and Assurance Consultancy services include:
- Governance, Risk & Compliance
- Secure by Design (SbD)
- GovAssure
- Digital Transformation projects
- Specialists in System Assurance (from a CCP)
- Digital transformation assurance services
- Range of outsourced roles (contact us for details)
- Application of current and legacy IA Assurance Methodologies
- Risk Management, Risk Assessment & Risk Treatment following guidance including ISO27005, ISO31000, ISO27001/2 and IAS1&2 (where still used)
- Security Architecture System Designs and Reviews
- Digital and Cloud Security Services
- IA Audits and Reviews including RMADS (where still used), Security Policy Framework (SPF) Compliance
- IA Incident Management
- IA Policy & Standards Advice and Guidance, including policy development and reviews
- Advice on Off-shoring Data
- System Decommissioning Services
- Codes of Connection Reviews e.g. PSN, PSN(P)
- Data Protection
- Privacy Impact Assessments
- Red Teaming
Training for Central Government
Outsourced Solutions
In addition to our core services, we can provide outsourced specialist individuals or teams to work on an ad-hoc or contractual basis, to see through your cyber and physical security projects on time.
Our outsourced specialist roles include, but are not limited to:
- Security Consultant / Risk Assessor
- Information Security Engineer
- Security Incident Responder
- Security SIEM Analyst
- Solutions Designer
- Software Developers
- IT Risk Analyst
- Threat Intelligence Analyst
Find us on G-Cloud 13
Find Us Directly
What our Central Government clients say
Provision of cyber risk specialists and security architects to directly support to over 200 individual projects. Through Advent IM Outsource, our Managing Consultant took on responsibility for inducting, project assignment and overseeing their work through to conclusion. The Department found this saved considerable time and effort having had the burden of overseeing the contractors removed and passed to a trusted delivery partner allowing them to focus on other tasks and priorities.
Advent IM Outsource, A large Government Department
I have worked directly with Advent IM Ltd over the last 5 years on a range of projects for HMG. Those projects and related ICT systems have ranged in size from those that impact every UK citizen to small specialised “one off” deployments.
I have benefitted from Advent IM’s excellent understanding of Information Assurance in the round. This has been increasingly pertinent where data is being exchanged across physical, technical and geographic boundaries. Advent’s expertise in the area of ISO27000 series has shone through on this (as has their knowledge on other standards) and has been key in how risk management has been progressed.
Department for Transport
I found Advent to be a very professional outfit with a friendly and delivery focused approach, thereby allowing project challenges to be tackled together in an open and swift manner. I only have good things to say with regards to Advent and would not hesitate to work with them again or recommend them to another government organisation.
Department for Work & Pensions
Provision of security risk specialists, security/enterprise architects, policy writers and IT project managers to support a programme delivering cyber remediation following a comprehensive external audit.
The client greatly appreciated Advent IM’s expertise in screening potential candidates on their behalf as it removed a large degree of uncertainty on their part for getting experienced and reliable people onboard for the programme. As the programme was working to tight timescales, we provided much needed resilience, as we ensured that if a contractor left the programme, a replacement was sourced and onboarded quickly with minimal disruption.
Downloads
From our Blog
PODCAST: Government Digital Transformation, are we nearly there yet?
We are a decade on from ‘Tell us once’ – the Government service that was supposed to allow users to literally tell Government just once about a change in their lives and that would then be reflected through all the services they use or need. In this episode, we ask the pesky question from from […]