0121 222 5630

Email Aristi Ltd Follow Aristi Ltd on Facebook Follow Aristi Ltd on Twitter Follow Aristi Ltd on LinkedIn Follow Aristi Ltd on Google Plus


You are here:


What is CLAS?

CLAS is the CESG Listed Adviser Scheme – a partnership linking the unique Information Assurance knowledge of CESG with the expertise and resources of the private sector.

CESG recognises that there is an increasing demand for authoritative Information Assurance advice and guidance. This demand has come as a result of an increasing awareness of the threats and vulnerabilities that information systems are likely to face in an ever-changing world.

In addition specific demand will come from:

  • departments seeking to bring their networks into line with the Government Secure Intranet (GSI) requirements
  • departments addressing emerging security requirements associated with the e-Government (Information Age Government) initiative
  • the need to safeguard the Critical National Infrastructure (CNI)
  • the Cabinet Office requirement for departments to implement the British Standard for Information Security Management: ISO27001
  • making ‘government standard’ Information Assurance advice more readily available to the broader public sector (local government, the Health sector, Police Forces etc)

The Scheme aims to satisfy this demand by creating a pool of high quality consultants approved by CESG to provide Information Assurance advice to government departments and other organisations who provide vital services for the United Kingdom.

CLAS consultants are approved to provide Information Assurance advice on systems processing protectively marked information up to, and including, SECRET.

What can we do to help?

All Government Departments handle and manage information as part of their business. The challenge is to use this information to ensure that the public get secure and efficient access to the services they are entitled to. Accreditation is a business process that must be integrated into business management in order to effectively manage information risk. Critical success factors are the proactive involvement of the Senior Information Risk Owner and the development of an organisational framework that fosters a culture where information assurance is a business priority. This is a complex process that requires understanding of business and technical issues.

Through many years of providing expert consultancy to Government Departments we have developed a unique approach to help build accreditation services that are pragmatic, appropriate and cost effective. The result is a manageable and sustainable accreditation programme that allows Government Departments to provide secure services and build public confidence.

We can help meet strategic goals by providing professional consultancy to:

  • Assess Departments against the Accreditation Services Maturity Model and the Information Assurance Maturity Model
  • Conduct audits against HMG IS6 and ISO27001
  • Carry out business impact assessments and technical risk assessments in accordance with HMG IS1
  • Develop an accreditation framework
  • Develop Risk Management and Accreditation Document Sets (RMADS) in accordance with HMG IS2
  • Provide advice and guidance on technical architecture and compliance against CESG standards
  • Develop security operating procedures and policies
  • Provide advice and guidance on compliance with the PSN CoCo and development of compliant architecture
  • Provide penetration testing services in line with CESG CHECK standards


Please contact Aristi to discuss your requirements. Filling in the form below is the quickest way to get in touch with the relevant person at Aristi.


Keep up-to-date with insights and info on all areas of Information Assurance, Information Security, Penetration Testing & Data Sharing from the award-winning consultants Aristi.

Latest Tweets

Looking forward to exhibiting at the Emergency Services Show this week. #ESS2018
Cyber security firm offers free GDPR seminars | GBCCBirmingham-based data protection and cyber security specialists… https://t.co/BtNQx4ORts
Virtual Data Protection Officer https://t.co/Lp0sA0A0uT

Subscribe to our Newsletter

Latest Blog Posts

  • Virtual Data Protection Officer

    The GDPR introduces a duty for you to appoint a data protection officer (DPO) if you are a public authority, or if you carry out certain types of processing activities. To support your on going GDPR compliance and management requirements, we can provide a Virtual Data Protection Officer (vDPO) service giving you access to independent […]

    Written on Thursday, 10 May 2018
  • Protecting Businesses with Cyber Essentials

    The lack of basic cyber security controls remains a significant factor in the vast majority of cyber attacks in the UK today. Businesses are left worried about hackers, data loss and security, and are not sure where to turn. The scale of the threat is nothing new.  The media now regularly covering stories of data […]

    Written on Monday, 05 March 2018
  • Are Phishing Emails still a problem?

    There is so much technology and software available these days, preventing malware and malicious emails from getting into our systems that you have to ask are phishing emails still a problem? One of the most used communication technologies is still email due to its versatility and ease of use. However, because of this we now […]

    Written on Friday, 02 March 2018