SME Profile: Stratia Consulting Ltd
Stratia Consulting Ltd
53 Chandos Place
0800 644 0193 (Freephone)
Welcome to Stratia Consulting
Stratia Consulting specialise in Information Assurance, Risk & Cyber Security.
Stratia Consulting are an HMG approved supplier of Cyber Security services. We are one of the first companies to be certified under the new CESG Certified Cyber Security Consultancy framework, the replacement for the CESG Listed Advisors and Security Architects (CLAS) scheme, under which our employees have been accredited for years. Our consultants have extensive experience of applying UK government information assurance policy, standards and related guidance documents; all have been involved in writing many of these documents, as well as applying them as lead practitioners in major government departments. We are an IASME Gold partner and a Cyber Essentials Plus certification body; further detail can be found on the G-Cloud/Digital Marketplace.
We are fully familiar with:
- The Cabinet Office Security Policy Framework
- HMG Information Assurance Standards (IS1, IS2, IS4, IS5, IS6 & IS7)
- HMG Cloud Security Principles
- CESG Good Practice Guides and related guidance documents
- Information Assurance Maturity Model Assessments
- Privacy Impact Assessments
- Forensic Readiness Planning
- Transition to Cloud based services
- Cyber Security Assessment and planning
Our highly skilled and experienced consultants provide a wide range of services including:
- Cyber Security
- Policy and standards
- Risk Assessment
- Risk Management
- Security Architecture
- Information Assurance Methodologies
- Audit and Review
- Incident Management
- CLAS Consultancy Services / New scheme
- ISO 27001
- PCI DSS
- Cyber Essentials Plus
- Critical National Infrastructure / SCADA Services
- ITSO Service / Ops Sec Manager
- Business Resiliency / Continuity services
- Cloud transition security risk management
- Research initiatives
Our services cover the provision of:
- Strategic protective security advisory services
- Strategic information security advisory services
- Advice on the implementation of UK Government and international Information Assurance (IA) Standards and Policy
- Information Assurance gap analysis
- Compliance analysis
- Technical Security Assessments (vulnerability assessments and penetration testing)
- Domain Knowledge – an understanding of risks & threats in an organisation's current processes and procedures, along with the knowledge to mitigate potential new threats.
- Delivery – highly effective, high-standard delivery that meets client requirements.
- Continuous improvement – Stratia practises what it preaches and continually seeks to improve, and will work with clients to continually evaluate & evolve as the risks and threats are assessed.
- Resilience – ensuring your business will continue effectively despite daily threats.
- Accreditors to help you accept and manage your information risks
- Compliance - IT compliance checkers and penetration testers to provide assurance in the design and operational security of your systems
- Awareness - Security awareness course design and delivery
In addition to working with civilian UK government departments, Stratia Consulting specialise in the defence sector including List X and other defence contractors. We are fully familiar with JSP440 and related defence information security policy, as well as broader UK government policy, standards and documents.
- Consultants, including former CESG Listed Advisors (CLAS consultants) where appropriate, to produce JSP440-compliant risk management and accreditation document sets (RMADS) and related documents
- Security architects to help design security into your systems from the beginning
- IT compliance checkers and penetration testers to provide assurance in the design and operational security of your systems
- Operational Security Management
Our consultants include former armed forces officers and senior NCOs with front-line experience in physical and environmental security, as well as security specialists familiar with current military IT and communications systems. All Stratia consultants have SC or DV clearance.
- Ministry of Defence
- Defence Contractors
- System Integrators
- Private Specialist Risk & Security Companies
Commercial clients are increasingly adopting cyber defence and information assurance techniques and controls that have previously been associated with the government and defence sectors. Our services can be tailored to your organisation's needs, and may include:
- Advice on designing, implementing and maintaining an ISO 27001 compliant Information Security Management System (ISMS)
- Certification company for Cyber Essentials Plus certification
- Corporate information risk analysis, gap analysis and health checks
- IT compliance checking and penetration testing
- Security Architecture and design assurance
- Security Audits of processes and systems
- Operational security management
- Data Protection Act compliance
- Security Awareness training for staff and technical staff
Our consultants include specialists in Industrial Control Systems (ICS) and SCADA security within the Energy and Utilities sector, including assessment of, and compliance with, the US NERC Critical Infrastructure Protection (NERC CIP) Standards.
Recent experience includes digital security aspects of electricity generation and transmission control systems, telemetry systems and pipeline command and control systems and computer based systems important to safety (CBSIS) within the UK civil nuclear industry.