The NCSC Cyber Assessment Framework

Tailored solution for Operators of Essential Services.

What is the NCSC’s Cyber Assessment Framework?

Following the issue of the Network and Information Systems (NIS) Regulations, the NCSC have provided the Cyber Assessment Framework (CAF) as a resource for Operators of Essential Services (OES).

Arcanum has comprehensive knowledge and experience of the CAF, gained from applying its 14 Principles for Critical National Infrastructure (CNI) organisations and other OES.

The CAF Principles define indicators of good practice (IGPs) for each of the 39 Contributing Outcomes that comprise the 4 CAF Objectives.

Need help?
We’re here for you

Our team of highly qualified and experienced consultants will accurately assess your alignment with the IGPs, and clearly state the areas that need further attention.

We will provide practical assistance and recommendations to ensure your Cyber Security Management System fully addresses and reflects your Industrial Automation and Control Systems/Operational Technology infrastructures.

Whatever your Security needs, Arcanum will apply our wealth of knowledge to your organisation, designing solutions catered to your specific requirements and risk appetite.

Helping you understand the CAF objectives

How Arcanum can help with the CAF

Objective A

Managing Security Risk

  • Governance
  • Risk Management
  • Asset Management
  • Supply Chain Risk Management

How Arcanum can help:

Policy Procedure & Guidance (PPG) Assurance
Governance Recommendations
Supply Chain Assessments
Asset Management Strategies
Objective B

Protecting Against Cyber Attack

  • Service Protection Policies
  • Identity & Access Control
  • Data Security
  • System Security
  • Resilient Networks/Systems
  • Staff Training & Awareness

How Arcanum can help:

Information Security Management System
Education & Training
Secure Identity & Access Control Systems
Architecture & Design
System & Network Testing
Objective C

Detecting Security Events

  • Security Monitoring
  • Proactive Security Event Discovery

How Arcanum can help:

Technical & Physical Security Advice
Logging & Monitoring
Awareness & Response Training
Objective D

Minimising the Impact of Incidents

  • Response & Recovery Planning
  • Lessons Learned

How Arcanum can help:

Business Continuity Plan Design & Delivery
Incident Response Exercises
Incident Response Plans

What can we do for you?

Help You Achieve Secure Delivery of Essential Functions
Provide National Cyber Security Centre (NCSC) Certified Consultants
Conduct Physical and Technological Assessments of System and Network Security
Deliver Consultancy, Testing, Education, Training, and PPG Recommendations to Ensure Compliance
Make Recommendations Suited to your Budget and Needs

Why Arcanum?

A NCSC Certified Consultancy for Risk Assessment and Risk Management
Experienced Information & Cyber Security Specialists
Understanding of ISO 27000 series / IEC 62443 series
Absolute Knowledge of the NIS Regulations and the CAF
Experienced in Supporting Operators and Regulators
High-Quality of Delivery across Defence, Energy, Transport and Aerospace

Secure your business

Talk to us today and ensure your business is protected and secure.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.