/ Build Plan /

The Build plan: managed IT and security with the human risk and response layer.

The plan most regulated firms settle on. Everything in Launch, plus the security and incident response capability a firm needs to evidence how it manages risk.

£50 per user, per month. One figure, the same every month, covering the people who use the service. No onboarding fee, and a 90-day money-back guarantee on the services Novix delivers.

Who Build is for

Build is the plan most wealth management and accountancy firms choose. It suits a firm that already expects its IT to be managed well and now needs to show, to its own leadership and to regulators, how it manages the human side of security and how it would respond if something went wrong. If your firm is asked how it trains staff against phishing, whether it monitors for credentials on the dark web, or what its incident response plan looks like, Build is built to answer those questions with evidence rather than assurances.

As with every plan, IT and security are one conversation, not two. The additions in Build are not a bolt-on security product sitting beside your support contract; they are run by the same accountable team that manages your environment day to day.

Everything in the Launch plan

Build includes the full Launch baseline: managed IT and full-service helpdesk, the Client Success Programme with quarterly strategy sessions, managed network and 24x7 monitoring, managed security and firewall, managed backup, and Microsoft 365 management. You can read the detail of those services on the Launch plan page.

What Build adds

On top of the Launch baseline, Build adds the human risk and incident response layer.

• Dark web monitoring. Watching for your firm's credentials appearing in known breaches, so a leaked password is something you act on rather than something you find out about later.
• Password manager. A managed password manager so staff can use strong, unique credentials without writing them down.
• Human risk management. Phishing simulations and cyber security training, run regularly, so your team learns to recognise the messages that matter. We frame this as building good habits, not catching people out.
• Incident response. A documented incident response plan and security policy management, so if something does happen, the firm follows a plan it has already agreed rather than improvising.
• Vulnerability scanning. Regular scanning of your environment so weaknesses are found and fixed in a managed way.
• Intrusion detection and response. Monitoring for unusual activity and acting on it, so a problem is caught while it is still small.

When firms move to Scale

Firms that need fractional CIO or CTO leadership, Cyber Essentials monitoring and compliance, a managed SIEM and a 24/7 Managed Security Operations Centre move to the Scale plan. If your firm is smaller or earlier in its journey, the Launch plan covers managed IT and core security on its own. All three sit side by side on the Our Plans page.

What the monthly fee does not cover

Hardware and consumables, large project work such as major migrations, third-party software licences, and out-of-hours work for systems outside your agreement sit outside the plan. Anything beyond it is quoted and agreed before we start.