Independent reassurance that products and services are capable of protecting your information.
When developing a product or rolling out a service which has the responsibility of protecting sensitive information, end customers often require a level of independent assurance that the product or service mitigates the threats which it is required to protect against. Roke's Product and Service Assurance services provide this level of assurance, backed by the experience of providing such services for the UK Government
What We Do
More than a 'tick-box test lab' we work with our test and evaluation clients to advise on the most cost effective method of assuring a product or service. We offer:
Based upon our status as a CESG Commercial Product Assurance (CPA) test lab, we are able to evaluate products based on the UK Government's scheme for product assurance, either as a full CPA evaluation or a bespoke evaluation for a specific use case, deployment or product.
Focusing on networking and telecommunications systems, our Service Assurance capability is based upon the CESG Assured Service (CAS) scheme to provide appropriately audited secure telecommunications for UK Government. We are able to conduct a complete audit against the CAS scheme, which includes technology as well as procedural controls of IT systems, or a bespoke audit to mitigate typical cyber-attack risks. The service also addresses mitigations against other risks such as loss of availability, insider attack or even physical attack.
As well as the ability to evaluate services which are provided to third parties, we can also help prepare your organisation's internal corporate IT systems for audit against the ISO27k standard, which is quickly becoming a mandatory information security standard across a number of industries. We are able to help your organisation prepare for ISO27k status through the identification of requirements, development of an Information Security Management System (ISMS) and support in implementing controls.
You can have confidence in our services.
- We are completely independent of device manufacturers and IT service providers, with a track record of protecting our clients' intellectual property
- Established and well respected CESG CPA and CAS services
We have developed world leading skills through our work with UK Government and corporate clients over 20 years to understand cyber threats, manage those risks and to select the best technical solutions to protect secure systems and information.
CPA & CAS-T
Using our expertise in security testing we pro-actively support clients seeking assurance of products and services. We provide advice and planning services, from helping you to establish the business case for independent security assurance, through to managed testing within defined timescales. Using Roke's experienced Information Security consultants, we have been able to successfully suggest alternative more flexible security measures which were more efficient to implement within existing products, yet provide equally secure solutions for protecting Government information.
If you are developing a product or service which is designed to protect end customer information, please contact us to discuss how we can grow your market share through independent validation that your solution is secure.