What is an IT Health Check?
An IT Health Check provides assurance that your organisation’s external systems are protected from unauthorised access or change, and do not provide an unauthorised entry point into systems that consume Public Services Network (PSN) services.
Internal systems should also be tested to provide assurance that no significant weaknesses exist on network infrastructure or individual systems that could allow one internal device to intentionally or unintentionally impact on the security of another.
Why use 2-sec for IT Health Checks?
We take a bespoke, approach to assessment for each of our clients:
Industry leading compliance experts – We have worked with cyber security industry standards long before PSN Compliance was introduced, including ISO 27001, PCI DSS, PA-DSS, Cyber Essentials and IASME.
Fully accredited – At both a corporate and an individual level including CREST, QSA, PCI DSS, PA-QSA, CE+, IASME, CHECK, CISSP, CISA, CISM, SANS-GIAC and CEH.
Commitment to understanding your business – We will take adequate time to understand your business, operations and process to accurately scope your IT Health Check.
Complete project support – We can assist with any, or all, stages of PSN Compliance, from CoCo completion to submission.
Dedicated Customer Success Manager – We know that you’ll have a lot of questions throughout this accreditation process, so you’ll have direct phone and email contact with your own go-to person.
Clear communication – Our mission is to ‘simplify security’. We will communicate our recommendations to you in a clear and jargon-free way.
How to gain PSN Compliance
In order to gain a Public Services Network (PSN) compliance certificate, organisations must:
Complete a Code of Connection (CoCo)
The PSN Code of Connection (CoCo) document is the application form you need to connect to the PSN. It gives HMG certain information about your infrastructure and describes the information assurance requirements that you must be able to meet.
Provide a network diagram
This must describe the infrastructure you are planning to connect to the PSN, including third party connections, wireless networks and so forth.
Provide an IT Health Check (ITHC) report
The information in your CoCo document and network diagram must be independently verified by an ITHC provider, such as 2-sec, and subject to appropriate levels of testing.
Update contact details
Important roles within your organisation must be documented, so that any incident can be dealt with swiftly.
Submit application documents
The PSN team will review and validate your application.This typically happens within 4 weeks, and a PSN Compliance Certificate issued.