Security Accreditation

Sharing information is core to improving service delivery. However, it also exposes organisations to more risk in terms of cyber security threats and data loss. The growing need for legislative or regulatory compliance means that security accreditation is now a key part of any security architecture project or programme.

VEGA’s approach to information accreditation

Whether needing to adhere to formal security standards, or to informal requirements to prove security and resilience, VEGA’s security accreditation service provides clients with confidence that they are conducting business in accordance with requirements.

VEGA has many years’ experience in the UK and European military, civil, and commercial sectors, including delivering accreditation up to the most stringent UK military standards. This experience enables us to advise clients on the most appropriate security approach to help define and achieve their security needs, according to the relevant accreditation scheme.

Providing a security accreditation scheme

While system security is important (particularly for integrity, availability, and for access control), often there is not the appropriate accreditation scheme in place to provide the assurance required, especially in emerging nations and commercial spheres. VEGA recognises, however, that alongside security, clarity of process is essential to keep on-board the potential mix of stakeholders who may be involved. As a result, our clear and logical approach to security accreditation is well documented, enabling confidence of a clear conclusion.

VEGA can provide a full accreditation scheme, proving that security threats are met in accordance to the analysed risk. The accreditation support services include:

  • Analysis of relevant security risks
  • Definition of accreditation strategy – defining the relevant approach to meet the customer specific security needs
  • Definition of accreditation policy – enabling a mature scientific approach to clearly defining the requirements on the system developer to provide the client with the confidence of achieving successful accreditation
  • Training and advice to accreditor(s), evaluators, and system designers, to enable understanding and compliance with the accreditation process.
  • Analysis and review support, against the accreditation policy
  • Project management of accreditation processes, to enable timely, predictable, and successful completion
  • Change management and re-accreditation service through operational life, enabling confidence that new threats are addressed, and system security is maintained through system evolutions

Contact VEGA for more information about security accreditation