Templar Executives

Cyber Security Education Training and Services

Award winning, international SME providing holistic Cyber Security consultancy to governments/private sector. Services include Strategy; Board-level engagement; Competency development; GCHQ Certified Training/eLearning for NEDS, Boards, SIROs, CISOs, IAOs, Clinical roles, Cyber Security Awareness, GDPR, NISD; Business/Threat Intelligence; Audits; Incident Response; Red Teaming; Technical and Policy Reviews; Cyber resilience development.

Features

  • Interactive and engaging content, including GCHQ certified courses
  • Scenario based; ability to customise with own branding, policies, etc
  • Speedbriefs and assessment to consolidate and measure learning
  • Blended solutions on/offline to support learning with experienced SMEs
  • Up to date content developed by experienced Cyber SMEs
  • HTML, mobile and tablet friendly, easy navigation and bookmarking
  • SCORM 1.2 and 2004 compatible hosted courses (in house optional)
  • GCHQ certified training/mentoring for NEDs, Boards, SIROs, CISOs, IAOs
  • GCHQ certified elearning including Maritime, Cyber Awareness, GDPR, NISD, IAOs
  • Glossary and customisable speedbriefs

Benefits

  • Increased knowledge and awareness of cyber security best practices
  • Learning experience optimised for immediate application in workplace
  • Learning can be tracked and MI produced for audit/compliance
  • Learning accessible on demand to accommodate operational needs
  • Scalable and cost effective offerings
  • Assessment and personalised certification of completion to motivate/recognise employees
  • Helps support compliance with industry standards and legislation
  • Helps employees understand how to prevent, detect and mitigate risks

Pricing

£750 per person per day

Service documents

Framework

G-Cloud 11

Service ID

8 9 6 6 5 8 7 2 9 9 9 3 9 8 6

Contact

Templar Executives

Anu Khurmi

0203 542 9075

anu@templarexecs.com

Service scope

Service scope
Software add-on or extension Yes, but can also be used as a standalone service
What software services is the service an extension to This service can be provided as an extension to Learner Management Systems (LMS) for Cyber Security and Information Assurance training and consultancy services.
Cloud deployment model Public cloud
Service constraints N/A
System requirements
  • Minimum OS Windows 7
  • Internet Explorer 9 and above
  • Browsers - Firefox, Safari, Google Chrome
  • IOS and Android (mobile and tablet) compatible

User support

User support
Email or online ticketing support Email or online ticketing
Support response times SLA is agreed upfront with client.
User can manage status and priority of support tickets No
Phone support Yes
Phone support availability 9 to 5 (UK time), Monday to Friday
Web chat support No
Onsite support Yes, at extra cost
Support levels SLA is agreed upfront with client in accordance with their requirements.
Support available to third parties No

Onboarding and offboarding

Onboarding and offboarding
Getting started The service is simple and no additional training is required in order to access training. Should any additional support be required, we would agree with the client and ensure a seamless approach for users.
Service documentation Yes
Documentation formats PDF
End-of-contract data extraction We delete any client information (which is kept minimal) and confirm, as per agreement, with the client that this has been actioned. Where the client is hosting, the data is stored on their own system and managed accordingly.
End-of-contract process User data is deleted and confirmed with the client. Typically there are no additional costs when a contract comes to an end.

Using the service

Using the service
Web browser interface Yes
Supported browsers
  • Internet Explorer 9
  • Internet Explorer 10
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari 9+
  • Opera
Application to install No
Designed for use on mobile devices Yes
Differences between the mobile and desktop service There are less cosmetic background images to ensure fast loading speeds, otherwise functionality is the same.
Service interface No
API No
Customisation available Yes
Description of customisation Branding, content and images can be customised; this is scoped in accordance with client requirements and will be developed and provided as an additional service from Templar Executives.

Scaling

Scaling
Independence of resources Proactively monitoring usage and upgrading capacity as required.

Analytics

Analytics
Service usage metrics Yes
Metrics types MI reports are generated - user access, number of attempts, assessment score and completion rates.
Reporting types
  • Regular reports
  • Reports on request

Resellers

Resellers
Supplier type Not a reseller

Staff security

Staff security
Staff security clearance Conforms to BS7858:2012
Government security clearance Up to Developed Vetting (DV)

Asset protection

Asset protection
Knowledge of data storage and processing locations Yes
Data storage and processing locations United Kingdom
User control over data storage and processing locations Yes
Datacentre security standards Managed by a third party
Penetration testing frequency At least once a year
Penetration testing approach In-house
Protecting data at rest Physical access control, complying with another standard
Data sanitisation process Yes
Data sanitisation type Deleted data can’t be directly accessed
Equipment disposal approach A third-party destruction service

Data importing and exporting

Data importing and exporting
Data export approach Data hosted in the client LMS environment is already accessible in accordance with the client procedures.
Where hosted by Templar Executives, MI is provided in accordance with the agreed client SLA.
Data export formats Other
Other data export formats
  • MI reporting in PDF provided by Templar Executives when hosting.
  • For client hosting, it will depend on the client's LMS.
Data import formats
  • CSV
  • Other
Other data import formats
  • If hosting, Templar Executives upload data via CSV.
  • If hosted by client, SCORM 1.2 or 2004 files provided.

Data-in-transit protection

Data-in-transit protection
Data protection between buyer and supplier networks Other
Other protection between networks Templar Executives and client will transmit data directly with each other in accordance with the protocols for data protection in place.
Data protection within supplier network IPsec or TLS VPN gateway

Availability and resilience

Availability and resilience
Guaranteed availability We agree SLA upfront with client and have not had cause to provide any refunds to date.
Approach to resilience Available on request.
Outage reporting Primarily via email alerts.

Identity and authentication

Identity and authentication
User authentication needed Yes
User authentication
  • Username or password
  • Other
Other user authentication For client hosted LMS environment, authentication will be done by client.
Access restrictions in management interfaces and support channels Unique user sign on and password allows access to be restricted.
Access restriction testing frequency At least every 6 months
Management access authentication
  • Username or password
  • Other
Description of management access authentication N/A

Audit information for users

Audit information for users
Access to user activity audit information Users receive audit information on a regular basis
How long user audit data is stored for User-defined
Access to supplier activity audit information Users receive audit information on a regular basis
How long supplier audit data is stored for User-defined
How long system logs are stored for User-defined

Standards and certifications

Standards and certifications
ISO/IEC 27001 certification No
ISO 28000:2007 certification No
CSA STAR certification No
PCI certification No
Other security certifications Yes
Any other security certifications Cyber Essentials Plus

Security governance

Security governance
Named board-level person responsible for service security Yes
Security governance certified Yes
Security governance standards Other
Other security governance standards Cyber Essentials Plus
Information security policies and processes Our Information Security suite of policies is based on best practices and we are diligent and committed across the company in practicing and maintaining a proactive approach with regards to safeguarding all information assets. We are Cyber Essential Plus certified and undergo regular external audits in order to maintain key certifications such as our GCHQ certifications for a wide range of training courses.
We keep our processes updated in line with current threats and apply the same scrutiny to our third party suppliers, ensuring they also have the security controls we require commensurate with the information being handled.

Operational security

Operational security
Configuration and change management standard Supplier-defined controls
Configuration and change management approach We apply version control for the content and a QA process to assess impact and quality control before any changes are released, which will include security.
Vulnerability management type Undisclosed
Vulnerability management approach We continually assess risks and threats to our service and liaise with our suppliers who take a proactive approach in addressing any potential vulnerabilities.
Protective monitoring type Supplier-defined controls
Protective monitoring approach N/A
Incident management type Supplier-defined controls
Incident management approach We have an incident response policy which describes the process. Any users are able to contact us direct or through their management if there is an issue/concern they wish to report.

Secure development

Secure development
Approach to secure software development best practice Conforms to a recognised standard, but self-assessed

Public sector networks

Public sector networks
Connection to public sector networks No

Pricing

Pricing
Price £750 per person per day
Discount for educational organisations No
Free trial available No

Service documents

Return to top ↑