Penetration Testing and Information Security Services for DWP and A4e Partners

First Defence offer a full range of services to assist DWP and A4e Partners in securing their organisation to the level required by Action for Employment (A4e) and the Department for Work and Pensions (DWP). Our services include penetration testing, social engineering, ISO27001 ISMS, and due diligence reviews.

A4e requires its Partners to use an independent reputable company to undertake penetration testing of their infrastructure and applications. This means that such testing should be performed by an independent external company that is not providing systems or services connected in any way with the Work Programme Partner Information Systems and Services, and which is recognised as an experienced specialist in Information Security services.

First Defence meets these requirements being recognised by CREST (the Council of Registered Ethical Security Testers), with our consultants being ICE and ACE CREST Certified Testers (CCT), and has many years of experience in delivering all the services to support the security requirements mandated by A4e.

The governance and testing requirements imposed by A4e are designed to reduce vulnerabilities that would pose a threat to the confidentiality of A4e and DWP data being held or processed on Partner Work Programme Information Systems and Services.

This is not limited to technical vulnerabilities, and testing also examines the settings and features of user access to the Partner Work Programme Information which could allow misuse of authorised access to perform unauthorised actions. It also extended to physical security and social engineering. First Defence are world renowned for their penetration testing and social engineering expertise.