IT Health Checks are necessary to ensure correct implementation of
security functionality and to identify vulnerabilities in IT systems
and networks which may compromise confidentiality, integrity or availability
of information held on the system or network.
The IT Health Check service exists for the benefit of HMG and CNI
end users who wish to have their sensitive IT systems and networks
checked for vulnerabilities.
The service consists of an analysis of the identified systems and
network to identify any weaknesses based on widely encountered vulnerabilities
and common configuration faults.
The output of an IT Health Check is a report detailing any vulnerabilities
and recommending effective security countermeasures.
The IT Health Check meets minimum requirements for accreditation in
line with HMG Infosec Standard No.2.
There is no formal assurance level and no certificate awarded as a
result of an IT Health Check.
For HMG and CNI systems handling Protectively Marked material at SECRET
or above, and occasionally in other special cases, the IT Health Check
is normally provided by CESG personnel.
For HMG and CNI systems processing Protectively Marked information
up to and including CONFIDENTIAL (and also SECRET with CESG approval
– see S(E)N 2006/04 for details), the IT Health Check can be performed
by CESG-approved companies in the private sector. Such approval is
through the CESG CHECK service, also part of IACS.