Your organisation has been selected on to the Department for Work and Pensions’ Work Programme Framework, either as a prime or sub-contractor. This could potentially be great for your organisation as a commercial platform, and the time and cost involved in bringing your services to market may have been reduced.
However, being on the Work Programme Framework does bring additional challenges that your organisation may not have previously faced. For example, you will now be storing and processing DWP data on your network, and have to demonstrate to either DWP directly or a prime contractor that you have the necessary security controls and processes in place to protect this data, verified by an independent third party such as NTA.
Is the Work Programme information in storage or transit encrypted using a FIPS 140-2 validated product? Do your password controls meet the minimum security requirements?
NTA has helped organisations on the Work Programme Framework to answer questions such as these and ensure information security best practice via our range of testing, auditing and consultancy services.
One of the team is always willing to discuss any specific requirements or questions you might have so feel free to contact us.
I wish to highlight the outstanding work that your consultant undertook whilst doing the ICT Health Check for the Council.
Particularly notable was the level of technical knowledge displayed by NTA’s consultants, and we were also impressed that they were willing to share this knowledge with the network team.
We have found NTA to be an excellent supplier, offering a very good service at a competitive price. A key differentiator is that they are happy to answer any questions...
I have found NTA to be an approachable knowledgeable partner, and have no hesitation in recommending their services.
The quality of both the initial work and follow-up advice and guidance was excellent, and NTA provided full lifecycle support to the development and delivery of our Online Services portfolio.
On one occasion our third-party did not believe the vulnerability was an issue - having had their software tested by another well-known security testing company - and NTA Monitor were...
NTA Monitor are very supportive, especially regarding general questions about Information Security issues such as hacking and vulnerabilities.