What is the Certified Cyber Security Consultancy scheme?
The NCSC (National Cyber Security Centre)’s CCSC (Certified Cyber Security Consultancy) scheme is primarily aimed at public-sector organisations that have to use a government-approved procurement framework to purchase or acquire security services, and at private-sector organisations that have to provide assurance that the services they provide are secure.
The CCSC scheme, which is now focused on consultancy companies rather than individual consultants, seeks to establish the wider credentials of such companies in delivering high-quality, tailored and expert cyber security advice.
Consultancies registered under the scheme can apply to be listed as an approved supplier. The NCSC has worked in partnership with the CCS (Crown Commercial Services) to establish a central route for the public sector to procure certified consultancy services.
This initiative is aimed at providing the government, as well as the wider public sector and critical national infrastructure facilities, with support on a varied and complex range of cyber security issues.
Does your organisation need support?
If you would like to know more about our consultancy services, and how we can help you achieve compliance with local standards, frameworks or regulations, speak to one of our experts today.
What this certification means
One of the benefits of the NCSC scheme is that every certified consultancy is assured by the NCSC. Organisations delivering NCSC-approved cyber security consultancy must appoint a suitably skilled NCSC Certified Professional.
Whether you are a public-sector organisation seeking government-approved service suppliers or a private-sector organisation in need of highly qualified consultancy services, the certification is a guarantee of the consultancy’s ability to deliver quality cyber security advice and services.
Certified cyber security consultancies will have demonstrated that they:
- Have a proven track record of delivering defined cyber security consultancy services;
- Have a level of cyber security expertise supported by professional requirements defined by the NCSC; and
- Manage consultancy engagements in accordance with industry good practice.
Certified cyber security consultancies will also have shown that they meet the NCSC’s standards and can be trusted to act in the government organisation’s name.
IT Governance is not currently certified under the CCSC scheme, but we hope to be an early adopter. We offer consultancy services related to the scheme’s four categories:
IT Governance has been approved under the government’s G-Cloud framework to provide six cyber security services via the government’s Digital Marketplace for Cloud support.
Find out more about our G-Cloud consultancy services >>
How we can help you and your organisation
Our audit and review consultancy service is designed for public-sector organisations requiring trusted consultancy services to achieve compliance with local standards, frameworks or regulations. It’s also beneficial for private-sector entities seeking greater confidence in them from customers and stakeholders.
The service is useful for organisations looking to comply with UK government standards, frameworks and guidelines such as the Security Policy Framework, National Cyber Security Strategy, 10 Steps to Cyber Security, IA Maturity Model and 20 Critical Controls.
Organisations can also benefit from our expertise by having a thorough audit performed on specific provisions of international standards that are causing problems.
Find out more about our audit and review consultancy service >>
Why choose IT Governance?
IT Governance is a leader in the field of information management standards and best-practice IT governance, with more than 15 years of experience helping global organisations in the private and public sectors obtain local and international regulatory accreditations.
We offer a complete set of products and services, including consultancy, penetration testing, audits, books, toolkits, training courses and staff awareness for IT governance, risk management, cyber security, regulatory compliance and data protection. This means you can get whatever you need for your project in one place.
IT Governance is recognised under the following frameworks:
- UK government CCS-approved supplier of G-Cloud 9 services
- CREST certified as ethical security testers
- Cyber Essentials Plus certified, the UK government-backed cyber security certification scheme
- ISO 27001 certified, the world’s most recognised cyber security standard