| 1) Expertise |
We understand the standards that we work with. We know the FIPS 140 and Common Criteria standards very well and have even contributed to the development of those standards. In addition, we also have a wealth of development and testing expertise using a wealth of technologies and programming languages in a large number of product categories. This means that we can quickly get up to speed on your product as we have probably developed something similar in the past and also, we are able to describe your product to its best.
| 2) Experience |
Rycombe Consulting has been operating in its current form in the field of IT Security Certification since 1998. In that time we have completed over a hundred projects, including a large number of Common Criteria and FIPS 140 evaluations. In addition, we have also worked on banking, national government and military certification projects in the United States, Europe, the Middle East, Far East and Australia.
Our Principal Consultant, Alan Gornall, has been working in the field of IT Security Certification since 1991 and founded Rycombe Consulting in July 1998.
| 3) We are just the right size |
We are not too big that we have to carry a large cost overhead and have to adhere to rigidly defined procedures. We are not so small that we cannot scale up when we need to for large projects. We can add resource at short notice if an urgent requirement comes in.
| 4) Cost Effectiveness |
Because of our size and because of the cost savings that our proprietary tools and techniques allow us to use, we can offer you a cost effective solution. We represent a significant cost saving over both using your own staff and over our competitors. Even if you are happy with your current supplier, let us quote for a project and you will be pleasantly surprised at the potential savings. The relative strength of the US Dollar over sterling also gives us a competitive advantage.
| 5) Communication |
For each project within Rycombe, we assign a point of contact. All communication for that project goes through that individual, so that there is always at least one person who knows what is happening and it is their responsibility for maintaining the project log. That person will also manage the project within Rycombe and will provide continuity through to the close of the project. Depending on your requirements, we can provide status updates weekly, monthly or on significant project events. These can take the form of reports or telephone calls.
| 6) Flexibility |
In our business, our workload is rarely steady. We have to react to changing customer requirements in real time. Over the years, we have adapted our methods so that we are able to cope with changing workloads. We have a core team working on and managing our projects. When our workload is higher than normal we are able to draw on a pool of trusted external consultants who have worked with us for many years. When our workload is below normal, we are able to move staff to less time sensitive projects or to projects designed to improve our effectiveness by improving our tools and techniques. We have grown our annual turnover every year since 2002.
| 7) Speed |
We like to work quickly. We have evolved many systems that allow us to work in an agile manner. We can start work on a project as soon as you want us to, and our customers are often surprised at the speed that we complete our projects. It's good for us as it reduces our management overhead, and it's good for you because you get what you want when you want it.
| 8) We understand business |
We are in business ourselves and understand that if a project slips or costs escalate then that has a direct impact on the bottom line. We have never missed a deadline where we had direct control of the resources necessary to achieve that deadline. We understand though that there are times when a customer needs to re-schedule or cancel a project in response to changing requirements within their company. We can mothball a project and get it up and running again quickly if conditions change.
| 9) Trust |
We operate a clean desk policy. At the end of the day, nothing is left on anyone's desk at the end of the day. We originally introduced this policy as a security measure to protect our data and that of our customers. However, it has also saved us paper, and seems to have led to less stress and improved productivity. Any confidential material is stored in locked filing cabinets, we encrypt all sensitive email and customer source code.
Source code is not stored on our corporate network. It is stored on external hard drives and these are held in our safe.
We use a hardware firewall, all of our workstations are protected with token based access control and we have no remote access to our corporate network.
Our backup strategy is such that no matter what the failure, be it equipment failure, power failure, fire, flood or other natural disaster, we should never lose more than an hour's work, and to date, we never have.
| 10) Stability |
Our Principal Consultant, Alan Gornall, founded Rycombe Consulting in 1998 and is now more active than ever within the company. Our other staff and associates have also been associated with Rycombe for a considerable period. We have a very low staff turnover and are able to provide a high degree of continuity between projects over time and also draw on our huge amount of acquired experience.