Security at our core

SecurityGeoff Smith Associates has a formalised and comprehensive Process for all areas of physical and information security and confidentiality. The Policies and Procedures are actively enforced and are communicated to staff via Training Programs (including Induction and On the Job Training) and within specific Customer-Project Meetings. The Policies and Procedures which ensure data remains under secure control extend to personnel security, physical building/premises security, IT Infrastructure security and Business-Continuity. All access to systems, and to Customer Data and Documents is permission enabled only.


All collections and deliveries are pre-arranged with pre-defined journeys on the basis of ‘a nonstop policy’.

  • Transportation is within GSA’s own vehicles, manned by two GSA (SC vetted) staff.
  • Vehicles are protected with “Slam Locks” tracked by two trackers and integral Safes.
  • At all times physical files are retained within secure closed boxes. All data is encrypted to an agreed standard.
  • GSA vehicles are utilised for one client at a time on a one customer, one journey basis.
  • The movements of files are recorded as part of the Full Audit Trail. This means that at all times the continuity of handling of material is audited and accounted for.

**The ‘Transportation’, ‘Non Stop’ and ‘One Customer, One Journey’ Policy is subject to clarification for different classifications of data and documents defined for IL1, IL2, IL3 and IL4.

Internal security

Security and Quality are not labels we stamp on the Bureau service at the end of the process but are a significant part of the whole business process from start to finish. GSA has been operating a Quality Management System to BS EN ISO 9001 since 2003 and from 2010 attained Information Security Management System ISO 27001 accreditation. Additionally, GSA systems and processes are compliant in accordance with the Code of Practice for Evidential Weight and Legal Admissibility of Linking Electronic Identity to Documents (BIP 0008-3:2008). The BIP 0009 Compliance Work Book is available to view. Additionally, for Policing Customers, GSA has been assessed as a Police Approved Secure Facility for Impact Level 3 and 4 by the Home Office National Police Information Risk Management Team (last Inspection May 2013).

Building Security

Where Information Security is imperative, secure services start with physical Building Security and the application of sensible security products to minimise risks:

  • Monitored and Recorded PIR Alarm Systems
  • Actively monitored and recorded CCTV
  • Defined key holders & FOB Locked Internal Doors
  • Obscured Door & Window with Security Grilles
  • Isolated work areas with ‘One Job Open’ Rule
  • Climate Controlled Storage with double Caging and Cabinets

Infrastructure Security

In the background at IT and User Level we address infrastructure issues by utilising systems and products with known provenance and quality assurance:

  • Fully encrypted and isolated Network
  • Retention of a wholly complete electronic and manually recorded Audit Trail for all events provided to a uniquely extensive level
  • Disabled E-mail, Internet Connections & USB Devices on all Bureau Computers
  • Work access by Individual User Permissions
  • Secure communication Criminal Justice E-Mail address:,,,
  • No Media Devices such as Mobile Phones/ Cameras in Restricted Areas
  • Controlled Firewall, Anti Virus and Back Up Processes within actively addressed Disaster Recovery & Business Continuity framework.

Next Steps

> Get in touch to see how we can help you.


ISO9001 Quality Management System (Accreditation since: 2003 Certificate No 97492020)

ISO27001 Information Security Management System (Accreditation since: 2010 Certificate No 168202020)

ISO14001 Environmental Standard and Social Value (Accreditation since: 2014 Certificate No 216712020)

Cyber Essentials Plus Certificate: Cyber Essentials Accreditation since: 2014. Cyber Essentials Plus accreditation since 2017

NHS Data Security and Protection Toolkit (22/23 Standards Exceeded: Organisation code E5D0H)

GSA operate from a Police Assured Secure Facility (PASF)


GSA Solutions are available to purchase through a number of leading frameworks, including:

G-Cloud 13 – Crown Commercial Services

Digital Outcomes and Specialists (DOS 6) – Crown Commercial Services

Contact Us

5 Cartwright Court,
Cartwright Way,
Bardon Hill,
LE67 1UE

Telephone: 01455 299100

Privacy Statement

Cookie Policy

Terms and Conditions