How Secure Is Your Risk And Compliance Software?

2nd August 2019

Choosing your risk and compliance management software system can be overwhelming. Whilst considering whether your software meets the mark in terms of usability and efficiently delivers the reports and data you need, cyber security should be at the top of your checklist.

According to the latest Cyber Security Breaches Survey 2019, around 32% of UK businesses have reported having experienced cybersecurity breaches during the past 12 months. 

Cybersecurity breaches are becoming an ever-growing issue for businesses, with hacks and data leaks often published in the media. Non-software companies developing software designed to hold sensitive data may be operating without sufficient security in place leaving data unprotected and vulnerable to loss. It is imperative when choosing your risk and compliance software that you check that your software has been vetted and meets security tested standard requirements. You may also want to consider using a compliance system that is built by your provider rather than built and developed by a third party supplier, which may put your data at further risk of breaches.

One way to ensure your software meets your security requirements is to check if the software has Cyber Essentials certification.

Who are Cyber Essentials?

Cyber Essentials is a government-backed and industry supported scheme, developed with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF). Launched in 2014, Cyber Essentials is designed to help organisations protect themselves and their clients from common online threats through a set of basic technical controls. They have issued over 30,000 certificates of which, to date, none of the certified systems have experienced a significant cybersecurity breach or data loss. 

Software bearing the Cyber Essentials certification demonstrates an organisation’s commitment to cybersecurity and acts as a reassurance measure for companies procuring the software.

What does the certification mean?

There are two levels of certification available:

  • Cyber Essentials Certificate
  • Cyber Essentials Plus Certificate

The Cyber Essentials Certification is a light-weight self-assessment whereby an organisation must complete a simple 3 step process set out by Cyber Essentials. 

  1. Certification Body selection – select an appropriate Certification Body from the 5 Accreditations bodies provided by Cyber Essentials Plus
  2. Verify your systems and software’s security capabilities – all software and IT systems must meet Cyber Essentials’ security and infrastructure requirements and provide any required evidence
  3. Complete self-assessment questionnaire provided by the chosen Certification Body

Software with Cyber Essential Plus Certification has undergone testing and verification from independent cybersecurity Certification Body who have conducted penetration testing to ensure the software performs and resists viruses, malware, and hacking. 

At Lucion, we are committed to delivering a trusted, holistic risk and compliance management service. This includes our award-winning risk and compliance management software NexGen, which has achieved Cyber Security Plus Certification after being subjected to an in-depth security and IT infrastructure systems audit. 

What is NexGen?

NexGen is our compliance management software, built on the web, for the web, provided free to all of our clients. The system is designed to keep our clients up to date with current compliance standards and the hazardous risks within their property portfolio. Unlike most database driven compliance systems, NexGen differentiates from other compliance software products on the market by being hosted online meaning that our clients can track the ongoing risks, access data, reports, and photographs and mapping which are collected digitally by our on-site teams, all in real-time. What’s more is that updates are conducted by our in house NexGen developer team, meaning you don’t have to conduct updates yourself and experience 0 hours downtime.

When you use NexGen to manage your assets, you gain access to numerous beneficial features such as accurate, time-stamped activity logs, transparent invoicing, real-time data availability, access controls (meaning you can choose to grant access to other contractors or relevant stakeholders), Work In Progress oversight as well as easy import and export of data from/to other systems.

We appreciate that changing systems can feel like a hassle. So, whether you use our compliance management system or use your own and procure other risk management services from us, all of your data is stored on our systems for free and can be accessed at any time you need it. Think of it as a free back up!

All of your data entered into NexGen will be held on Amazon AWS servers, which provides ISO 27001 accredited security, encryption, and backup protection, as well as Cyber Essential Plus Certification.

Each of your reports produced in NexGen is a ‘working document’ that can be updated as required. When new data is recorded (e.g. during a re-inspection survey), a new report will be issued and the historical report will be archived on the system (not deleted). Analytical reports are also a working document, showing the site before contractor set up, during works and after, along with comprehensive analyst’s notes and on-site diary of all activity, with photographic evidence.

NexGen can be accessed on any device with a web browser (computer, laptop, smartphones etc.). Any individual who needs to access information within your portal will be invited to register and will simply need to create their own secure password to correspond with their username. Our software team can review your specific IT and firewall settings during mobilisation and ensure there are no issues preventing access.

Meet the man behind the code with an exclusive interview with our NexGen Software Development Manager Paul Hayball:

Award-winning Software

Our NexGen compliance software won The Partnership and Collaboration of the Year Award 2019 in conjunction with our client, Hull City Council. This award demonstrates our holistic risk management services offering, including our compliance management software NexGen, as a market leading, reliable solution in the risk management market.

Compliance Management Software

With over 15,000 current active users, NexGen is designed to be user-friendly, with minimal training required to navigate the system. We provide user guides, tutorial videos and training/demonstration sessions (typically 1-2 hours) free of charge during contract mobilisation. NexGen has been developed in-house, so any issues or assistance you require can be dealt with efficiently by our software developers, the NexGents.

Our Mission

Providing the means to protect is at the forefront of what we do as an organisation. We are a collaborative group of individuals dedicated to protecting people from exposure to hazardous substances. We are on a mission; to make the world a safer place to live

Through developing NexGen, we offer a holistic approach to managing and mitigating occupational exposure, health and hygiene risks, helping both our clients and ourselves, to achieve our mission.

Discover more about who we are, our mission and find out what it means to Be Lucion:

Asbestos Management

Further Information

Cyber Security Breaches Survey 2019 –

Cyber Essentials –

The Partnership and Collaboration Award 2019:

Lucion Services – Our Mission:

Related Articles

View all articles ›
Coming Together to Support our Clients

Coming Together to Support our Clients

8th August 2019

Lucion continues to thrive as the UK’s market leader in asbestos management and consultancy, taking on their latest acquisition, asbestos management firm ASKAMS Compliance Services.

Lucion Services Named As One Of 1000 Companies To Inspire Britain By LSE Group

Lucion Services Named As One Of 1000 Companies To Inspire Britain By LSE Group

24th July 2019

According to the London Stock Exchange (LSE) Group, 60% of small and medium-sized enterprises (SMEs) account for 60% of private-sector employment. The LSE has put together the ‘1000 Companies To Inspire Britain’ report to help support and celebrate the growth and development of SMEs, describing them as ‘the lifeblood of the British Economy’, including Lucion Services.

Risk And Compliance Management Software Supports Lucion To Win Partnership and Collaboration Award

Risk And Compliance Management Software Supports Lucion To Win Partnership and Collaboration Award

18th July 2019

We are the market leaders in asbestos management and consultancy. For the past 8 years, we have developed our bespoke risk and compliance management software, NexGen, with our clients in mind. Our pioneering software now delivers data through QR code labelling and boasts highly accurate 3D mapping, securing our latest partnership award win.

Safeguarding is Paramount: Asbestos QR Code Reduces Risks Of Exposure

Safeguarding is Paramount: Asbestos QR Code Reduces Risks Of Exposure

7th June 2019

Asbestos QR Code labelling continues to make strides in protecting teams and contractors from the risks of deadly asbestos exposures helping to ensure the safe management of any asbestos-containing materials (ACMs) identified in buildings.