Achieving rapid compliance to support the prime contractor

The challenge

This major MOD programme involved the development of a complex bespoke system for use in a high-threat environment. The contract had been awarded to a defence prime contractor that did not have an in-house security team. Due to the nature of the system, it was also appropriate for the system security to be managed by an independent party. Ascentor was appointed as supply side security advisor to develop the technical security solution and manage the accreditation activities in accordance with JSP440 (the MOD’s Joint Services Publication covering security).

The solution

Ascentor assigned a principal security architect to lead on the technical security solution for the system, and an information assurance (IA) consultant to manage the accreditation aspects and the formal deliverables. Both consultants were CLAS (CESG Listed Advisor Scheme) certified equivalent to today’s CESG Certified Professional (CCP) scheme.

Over the course of several workshops, the security architect worked with the prime contractor’s design team to develop the security aspects of the technical design.

The IA consultant was responsible for conducting a threat and vulnerability assessment and a technical risk assessment following the HMG Information Assurance Standards 1 and 2 (IS1 & 2) and associated tools. The consultant developed the derived security requirements and security design documentation to inform the Security Aspects of the Design (SAD) document for the Critical Design review.

The results

In just under four months, Ascentor’s consultants delivered: an IA development plan; the threat and vulnerability assessment; the technical risk assessment; technical security requirements; technical security design; and the Security Aspects of the Design document.

This helped the prime contractor deliver a fully compliant system in accordance with the MOD policy and requirements. The system subsequently achieved full accreditation and Ascentor was asked to support the prime contractor on another project.

Green Bird - White top right

Contact Us

Your cyber security challenges and our pragmatic approach – we could be the perfect fit.
Contact the team at Ascentor for an informal chat.

Get in Touch