keepmesafe • 31 July 2020

Fostering Provider Cyber Essentials and IASME certified - Case Study

Following attendance at a Guardian Saints CIC GDPR awareness session, UK Fostering engaged Guardian Saints to provide support and cyber security services to achieve the Cyber Essentials Scheme and the IASME Governance Standard certification.

The benefits of these certifications are that they demonstrate to customers and suppliers that cyber security, data protection and information governance are taken seriously. Indications are that at some point these certifications will be a requirement of public sector organisations contracting with those in the private sector, and can provide a competitive advantage as many SME’s (Small to Medium Enterprises) are discovering. In a number of recent tendering processes with Local Authorities, fostering services who had certification were able to evidence compliance with these standards to support their application.


UK Fostering is a fostering services provider utilised by Local Authorities placing young people in care with suitably matched placements with fostering families. UK Fostering work with Local Authorities in London and the South East, the Midlands, the North West and North East of England. As a function of this they manage a significant amount of sensitive personal information relating to the young people in care, as well as the foster carers they work with, to provide safe homes for vulnerable young people.

Following attendance at a Guardian Saints CIC GDPR awareness session, UK Fostering engaged Guardian Saints to provide support and cyber security services to achieve the Cyber Essentials Scheme and the IASME Governance Standard certification.

The benefits of these certifications are that they demonstrate to customers and suppliers that cyber security, data protection and information governance are taken seriously. Indications are that at some point these certifications will be a requirement of public sector organisations contracting with those in the private sector, and can provide a competitive advantage as many SME’s (Small to Medium Enterprises) are discovering. In a number of recent tendering processes with Local Authorities, fostering services who had certification were able to evidence compliance with these standards to support their application.

Challenge 

Initially, Guardian Saints were required to establish UK Fostering’s current level of compliance with the requirements of the Cyber Essentials Scheme and the IASME Governance Standard.

In a consultative role Guardian Saints, working collaboratively with UK Fostering, the service extended beyond a mere ‘tick box exercise’, which ensured that the required standards were embedded into UK Fostering’s every day working practices.

Solution Provided by Guardian Saints

Guardian Saints operated a truly supportive service to UK Fostering, providing a dedicated consultant to ensure that quality and consistency were provided throughout the certification process.

Guardian Saints are an ideally suited partner for the Cyber Essentials qualification as they hold Certification Body status with the National Cyber Security Centre’s Partner, The IASME Consortium. This enables them to consolidate consultation and support through to final certification.

Support Services included:
  • Pre-assessment review of answers with constructive feedback
  • Where reasonably practical, translation of technical terms into plain English
  • Guidance on the implementation of requirements
  • Provision of template documents including: 
  • DPIA (Data Protection Impact Assessment)
  • Data Mapping
  • Risk Assessment
  • Review of existing documentation where required

Benefits

The key benefit of gaining certification to the Cyber Essentials Scheme, is that it demonstrates that UK Fostering take data protection seriously and provides assurance to both their clients and foster carers that their data is being protected in line with best practices and requirements of the Government National Cyber Security Centre’s framework.

An added benefit of completing the IASME Governance Standard is that it provides reassurance that UK Fostering has in place documented and structured processes which ensure that Data Protection and Cyber Security are embedded in all organisational processes and continue to remain a key business objective.

Having secured certification for the Cyber Essentials Scheme, UK Fostering has benefited from the cyber insurance cover provided free through IASME’s insurance partner, which provides vital incident response services.
Outcomes 

These included:
  • A more comprehensive understanding of the requirements for Cyber Essentials and IASME Governance by UK Fostering
  • UK Fostering were awarded certification for both the Cyber Essentials Scheme and the IASME Governance Standard.
  • A structured and documented set of processes was established to ensure that UK Fostering’s approach to Cyber Security meets best practice guidelines.
  • A defined measure of confidence for UK Fostering’s management team, which evidences that the organisation has achieved a national standard of compliance

What did UK Fostering have to say about this project?

We were invited to attend training on the subject by Guardian Saints and subsequently were offered the opportunity to seek accreditation through Guardian Saints once it was presented to us. This seemed like a good course of action to take for an organisation that was ready to review and explore every facet of its operation, so we investigated further and signed up with Guardian Saints to assist us through the process.



The assessment was a very smooth and informative process. It was helpful that we had just one consultant who was consistent throughout. We found it helpful to review all aspects of our functioning and identify whether we were compliant or needed to make changes to become compliant. It was not just about seeking accreditation, but ensuring that we operated, as a company in a way that recognised and strived to protect the rights of individuals and their data.



There is no doubt that having Cam with me every step of the way and her calm, professional approach is what took us to a successful execution. She was very helpful in breaking some questions down to the basics so I understood exactly what I was answering and ensuring I answered it in the best way.



Without a doubt we are recommending Guardian Saints. They are very knowledgeable in what they do and provide a friendly, down to earth support service, which most definitely ensures the smooth running and timely execution of the project. We are very pleased to have obtained our accreditation.



Sandra

Business Development Manager

UK Fostering