Partner Code of Conduct

The Pentest Cyber business partner programme is primarily aimed at established, solvent UK organizations with a trusted clientele portfolio.

We enable you to extend a high-quality seamless cyber security capability to your portfolio protected by an absence of conflicts of interest.

Checks may include but are not limited to, public records, company websites/publications, social media presence, checks of credit and outstanding liabilities, and director histories beyond Companies House records.

• We expect partners to be Limited companies having at least 3 years of accounts available for inspection via Companies House.

• Those that pass this and any public domain inspections by Pentest Cyber without raising concerns of solvency or reputation will be extended the partnership on standard 30-day payment terms

• Partners ideally should meet or be working towards meeting the requirements of Cyber Essentials, ISO 27001, or equivalent schemes

• Prospective partners who are unable to meet these requirements may be considered on a case-by-case basis and, if accepted, may be subject to additional terms, including mandatory advance payment for services.

We have listed our corporate values below and expect our partners to hold themselves to the same high standards.

1. Integrity

Doing the right thing, being honest and acting in the best interests of end clients even when it is difficult and may conflict with maximising profits.

2. Compliance with Laws

Business Partners must fully comply with all applicable laws and regulations, both in the UK and any relevant jurisdiction for international business. The rights of the data subjects in relation to GDPR and the DPA are to be upheld.

There should be recognition of who holds the data controller and the data processor roles. PII is to be properly handled in accordance with the relevant laws

3. Information Protection

Handle confidential, proprietary, and export-controlled information properly, using it only for its intended business purpose

Respect and comply with intellectual property laws, including patents, copyrights, and trademarks

Protect confidential and proprietary information from unauthorized access, destruction, use, modification, and disclosure

4. Human Rights

Business Partners must adhere to human rights policies, treat people with respect, and foster an inclusive culture.

Respectful Workplace: Maintain a workplace where everyone is treated with dignity and respect, complying with local employment laws.

Child Labour: Ensure no illegal child labour is used.

Human Trafficking: Comply with laws prohibiting human trafficking and forced labour.

5. Employment Practices

Harassment: Ensure a workplace free from harassment and abusive conduct.

Wages and Hours: Pay at least the minimum compensation and do not exceed the maximum working hours as required by law

Anti-Corruption: Business Partners must comply with anti-corruption laws, including the U.K. Bribery Act.

6. Media

Failure to obtain approval for branding use could result in penalties or partnership termination.  Pentest Cyber maintains its reputation and client confidentiality through consistent messaging in print and online media. Business Partners must get formal approval for any broad communication about Pentest Cyber, such as marketing material, presentations, press releases, and social media posts. Approval is required for logo use and brand.

7. Reporting Concerns

Business Partners must report suspected or known violations of this Code of Conduct to Pentest Cyber, investigate credible reports, take corrective action, and provide information for compliance. Report any misconduct involving Pentest Cyber employees or inquiries by law enforcement. Concerns can be reported by requesting a secure communications channel via info@pentestcyber.co.uk.