What is the Certified Cyber Security Consultancy scheme?
The NCSC (National Cyber Security Centre)’s CCSC (Certified Cyber Security Consultancy) scheme is primarily aimed at public-sector organisations that have to use a government-approved procurement framework to purchase or acquire security services, and at private-sector organisations that have to provide assurance that the services they provide are secure.
The CCSC scheme, which is focused on consultancy companies (rather than individual consultants, as before), seeks to establish the wider credentials of such companies in delivering high-quality, tailored and expert cyber security advice.
Consultancies registered under the scheme can apply to be listed as an approved supplier of consultancy in four categories:
- Security Architecture
- Risk Management
- Risk Assessment
- Audit & Review
The NCSC has worked in partnership with the CCS (Crown Commercial Services) to establish a central route for the public sector to procure certified consultancy services.
This initiative is aimed at providing the government, as well as the wider public sector and critical national infrastructure facilities, with support on a varied and complex range of cyber security issues.
What this certification means
One of the benefits of the NCSC scheme is that every certified consultancy is assured by the NCSC. Organisations delivering NCSC-approved cyber security consultancy must appoint a suitably skilled NCSC Certified Professional.
Whether you are a public-sector organisation seeking government-approved service suppliers or a private-sector organisation in need of highly qualified consultancy services, the certification is a guarantee of the consultancy’s ability to deliver quality cyber security advice and services.
Certified cyber security consultancies will have demonstrated that they:
- Have a proven track record of delivering defined cyber security consultancy services;
- Have a level of cyber security expertise supported by professional requirements defined by the NCSC; and
- Manage consultancy engagements in accordance with industry good practice.
Certified cyber security consultancies will also have shown that they meet the NCSC’s standards and can be trusted to act in the government organisation’s name.
Cyber security consultancy from IT Governance
Although IT Governance is not currently certified under the CCSC scheme, we do provide consultancy services related to the scheme's four categories.
We have also been approved under the government’s G-Cloud framework to provide six cyber security services via the government’s Digital Marketplace for Cloud support.
IT Governance is a leader in the field of information management standards and best-practice IT governance, with more than 15 years of experience helping global organisations in the private and public sectors obtain local and international regulatory accreditation.
We offer a complete set of products and services, including consultancy, penetration testing, audits, books, toolkits, training courses and staff awareness for IT governance, risk management, cyber security, regulatory compliance and data protection. This means you can get whatever you need for your project in one place.
View our cyber security consultancy services
IT Governance is recognised under the following frameworks:
- UK government CCS-approved supplier of G-Cloud services
- CREST certified as ethical security testers
- Cyber Essentials Plus certified, the UK government-backed cyber security certification scheme
- ISO 27001 certified, the world’s most recognised cyber security standard
Find out more about our credentials