London, UK – 27 November, 2013 – Auriga Consulting Ltd (Auriga), the expert data, ICT and security consultancy, today announced the launch of the Government Security Classifications Policy (GSCP) Transition Service to enable Government Departments, Agencies and their suppliers to realise the business and security benefits of the new classifications policy. The GSCP Transition Service is a risk management package that fulfils current and future requirements by using data life cycle management to manage data assets. Offered as a modular service, the GSCP Transition Service can be implemented end-to-end or used to augment existing data lifecycle processes and is delivered by a team of CLAS and CESG Certified Professional (CCP) consultants, Business Analysts and Technical Architects with risk management expertise and is available on the G-Cloud Cloudstore.
Departments, Agencies and their suppliers are in the process of planning to transition to the new Government Security Classifications Policy (GSCP) in order to meet the go-live date of April 2014. However, this date marks only the start of what will be a generational change as Departments, Agencies and their suppliers begin the long process of implementing significant business and process change across their organisations.
Transition to GSCP is further complicated by an overreliance on existing protective markings which has seen Departments and Agencies use them as the basis for the formulation of risk management policy. Government Departments and Agencies that have used the current protective marking system to direct risk management processes will no longer be able to rely on this for OFFICIAL assets, which will no longer be labelled by default. Risk management processes and practices across Central Government will therefore have to be refined and developed so that they become far more effective than today and are better placed to support Government’s ICT, Cyber Security and Digital Strategies.
The GSCP Transition Service has been specially developed to assist Government Departments, Agencies and their suppliers as they seek to adjust to and implement the new classification system. Based upon data life cycle management and risk management best practices, the GSCP Transition Service comprises a three step process – Asset Creation, Asset Realisation and Asset Cessation – with further service offerings detailed under each, as shown below:
- Step 1: Asset Creation – available as three distinct service offerings: Asset Identification, Asset Valuation and Impact Assessment. These service elements provide the organisation with the necessary foundations from which to build sustainable risk management processes by helping the business recognise and identify what is important and why.
- Step 2: Asset Realisation – offers six distinct service offerings: Risk Appetite & Strategy, Threat Assessment, Vulnerability Assessment, Risk Mitigation & Assurance, Residual Risk Assessment & Management and Accreditation. These service offerings provide a complementary set of risk management processes which are both informed by, and supportive of the challenges the organisation will meet.
- Step 3: Asset Cessation – offers two distinct services: Legacy Management and Decommissioning. These provide an important but often overlooked set of concluding processes, which ensure that assets continue to be risk managed as they become legacy and through to the point of assured destruction or reuse.
“The GSCP offers a real opportunity for Government Departments, Agencies and their suppliers to tackle the thorny issue of data classification and risk management policy which, though interlinked, should never be co-dependent. By documenting and managing out data as a life-cycle process, the GSCP has the potential to create far more effective and efficient working practices across Central Government and bring about the necessary cultural change and reform that the policy is helping to deliver as part of the Civil Service Reform Plan.” said Louise T. Dunne, Managing Director, Auriga. “We have seen a real demand for assistance in implementing these changes which is why we decided to launch the GSCP Transition Service to help achieve and maintain compliance with this new policy now and into the future.”
The Auriga GSCP Transition Service is also complemented by a range of specialist services. These include Onboarding, Design Authority, Secure Business Process Analysis, Design and Development, Project Specification and Selection, Transition Management and SIAM Enterprise Architecture/Project Management and Selection.
The GSCP Transition Service is now available over the G-Cloud iii Framework Cloudstore at: http://govstore.service.gov.uk/cloudstore/supplier/info/auriga-consulting-ltd/.
Further details, including the GSCP Transition Service datasheet, are available upon request.
Auriga Consulting Ltd (Auriga) is an expert consultancy specialising in Data Management, Information Assurance, Corporate Governance, Business Process Modelling, Analysis, ICT and Security. We advocate data as the most valuable part of your business and combine superior security and assurance knowledge with a wealth of business management consultancy and efficiency skills. Using a unique set of methodologies we embed security by overlaying it onto business process and analysing data.
Auriga reported a turnover of more than £1million in its first full year of trading, cementing its reputation as one of the most dynamic and versatile solutions providers in the marketplace today. We have worked on some of the most demanding projects in the UK for customers from the public and private sectors, advising upon the architectures and business processes adopted for the G-Cloud project, NHS and social services databases, and leading the BSi’s largest audited UK organisation successfully through ISO 27001. To find out more, please go to www.aurigaconsulting.com or follow us on Twitter @AurigaConsult.