NCC GROUP PLC.
NCC.LSE | Computer consultancy and computer facilities management activities
NCC Group PLC is a global expert in cybersecurity and risk mitigation, providing services to organizations worldwide. The company's offerings include cybersecurity consulting, software testing, incident response, managed security services, and escrow services. NCC Group helps businesses assess, prot...Show More
Better Health for All
10
NCC Group demonstrates exceptional healthcare data responsibility by preventing the leaking of public health data
1
and securing critical government and national grade personal data
2
, including for the UK's COVID-19 Test & Trace program.
3
The company specializes in helping healthcare organizations develop and implement comprehensive data lifecycle management strategies
4
, navigating complex regulatory landscapes like HIPAA and HITRUST.
5
During public health emergencies, NCC Group exhibits exceptional crisis response capabilities.
6
They supported the UK's COVID-19 pandemic response by securing the Test & Trace cloud-based technology platforms and 'mega lab' facilities.
7
Additionally, they provided free cyber threat intelligence to global healthcare providers, including national Computer Emergency Response Teams, hospitals, and public health institutes, during the COVID-19 pandemic.
8
The company's products and services do not have direct health impacts, addiction potential, or health risks requiring disclosure, and the company does not engage in pharmaceutical, food, or clinical trial activities.
Fair Money & Economic Opportunity
0
NCC Group PLC is a cybersecurity and software escrow business, not a financial institution that lends, insures, moves, or stores money for consumers.
1
Consequently, KPIs related to consumer lending, financial product pricing, fee exposure, and customer financial outcomes are not applicable to its core operations, mapping to a score of 0 as per the rubric's definitions. While the company implements internal diversity and inclusion initiatives for employees
2
and adheres to data protection regulations
3
, these do not directly address financial inclusion, fair lending, or wealth building for underserved client segments. Community engagement efforts, such as employee volunteering and matched funding, are present
4
but are not quantified as profit reinvestment in community finance.
Fair Pay & Worker Respect
30
NCC Group reported no workplace fatalities since its formation and no reported workplace accidents in the year.
1
The overall employee turnover rate was 22.0% in 2019, which decreased from 23.5% in 2018.
2
Fair Trade & Ethical Sourcing
0
NCC Group, a cybersecurity and risk mitigation services provider, does not procure or trade physical commodities, making fair trade certification and materials risk indices not applicable to its operations. The company reported zero violations of human rights or cases of modern slavery in FY24 (a 16-month period from June 2023 to September 2024).
1
It maintains a zero-tolerance approach to modern slavery and has systems in place to prevent it in its business and supply chain.
2
The company's Supplier Code of Conduct outlines expectations for ethical behavior, including prohibiting forced or child labor, and suppliers are bound by these standards and must comply with relevant laws like the UK Modern Slavery Act 2015 through their terms and conditions.
3
NCC Group also operates a whistleblowing policy, published in seven languages, to encourage reporting of concerns.
4
Honest & Fair Business
-20
NCC Group PLC has an Anti-Bribery and Anti-Corruption Policy published on its website and available on request
1
. The company maintains a zero-tolerance position regarding corruption and bribery
2
, with the policy overseen by the Compliance department, led by the Director of Risk and Governance
3
. No specific, quantifiable evidence was found for regulatory fines, transparency index scores, whistleblower policy implementation metrics, financial restatements, audit coverage percentages, ESG controversy index scores, complaint resolution times, board conflict-free percentages, or the extent of independent verification of ethical claims.
Kind to Animals
0
NCC Group plc operates in the cybersecurity and software sector, which means its core business has no direct interaction with animal-related issues.
1
As such, the company has no animal-derived products, animal testing operations, or animal agriculture activities, rendering most animal welfare KPIs not applicable.
2
While environmental efforts are noted to indirectly support wildlife, no measurable biodiversity impact or specific animal welfare initiatives are provided to score the relevant KPI.
3
No War, No Weapons
0
NCC Group has established links to the UK Ministry of Defence through contracts.
1
The company is involved with dual-use technologies, including AI and cyber intrusion capabilities, which have potential for both positive and negative applications, such as generating malicious code.
2
It participates in the Pall Mall Process, a global initiative addressing the misuse of commercial cyber intrusion capabilities.
3
Large language models (LLMs) used by the company typically implement controls to prevent malicious or unethical outputs.
4
In February 2020, NCC Group signed the UK's Armed Forces Covenant, committing to fair treatment for armed forces personnel and their families.
5
Planet-Friendly Business
-40
NCC Group reports total annual Scope 1 and Scope 2 emissions of 1,686.8 tCO2e for the period 1 October 2023 to 30 September 2024.
1
,
2
Scope 3 emissions reporting has been expanded to include purchased goods and services (accounting for circa 80% of global spend) and employee commuting for the first time.
3
,
4
The company has a net-zero target year of 2045, with interim targets to reduce Scope 1, 2, and 3 emissions by 42% by 2030 from a 2024 base year.
5
NCC Group is committed to setting science-based targets and is working with Positive Planet to map its net-zero journey and set these targets for FY25, stating they are in line with the Paris Agreement's 1.5 °C goal.
6
,
7
The company began reporting against the TCFD framework in 2022, producing a comprehensive report covering governance, strategy, risk management, and metrics/targets, with partial consistency to some recommendations.
8
An initial quantitative analysis against 1.5°C and 4°C climate scenarios has been conducted.
9
Operational changes include a 40% reduction in global office footprint by closing ten offices in the 16 months to September 2024.
10
A new travel policy promotes rail over domestic flights, and carbon literacy is being integrated into mandatory training.
11
The company also requests renewable energy from landlords and introduced an electric/hybrid car scheme for UK colleagues.
12
Respect for Cultures & Communities
0
NCC Group's business model, focused on cybersecurity and software resilience, does not inherently intersect with cultural preservation or indigenous rights.
1
Consequently, the company has no reported cultural appropriation incidents, cultural impact assessment protocols, FPIC processes, or cultural site disruptions, as these are not applicable to its operations.
2
There is also no specific cultural preservation investment or cultural incident response framework.
3
The company provides unconscious bias training to employees
4
, which aligns with standard diversity training rather than specific cultural sensitivity components.
5
Safe & Smart Tech
10
NCC Group has achieved global re-certification against ISO 9001:2015 and ISO 27001:2013 standards, and successfully transitioned to the new ISO 27001:2022 Information Security Standard ahead of the October 2025 deadline.
1
The company also maintains Cyber Essentials Plus certification.
2
Its data protection program is designed to meet GDPR, CCPA, and other applicable global data privacy legislation.
3
NCC Group emphasizes the need for inclusive and accessible AI systems, highlighting the importance of diverse teams to prevent bias.
4
Standard induction and annual refresher security training are provided, with dedicated training for high-risk roles.
5
Procedures are in place for responding to data subject access requests.
6
Zero Waste & Sustainable Products
-30
NCC Group has implemented several waste reduction initiatives, including a 40% reduction in its global office footprint in the 16 months to September 30, 2024
1
, which involved closing ten offices
2
. Other initiatives include removing non-essential printers in UK offices
3
, conducting sustainability audits of its websites
4
, implementing eco-design strategies to reduce website carbon footprint
5
, upgrading its CMS for energy savings
6
, and revising its travel policy to promote lower-carbon options
7
. The company's environmental policy and approach to cybersecurity solutions emphasize the integration of sustainability
8
and designing products for longevity and recyclability
9
, aiming to create enduring designs
10
.