5 Step Process to Obtain PSN Connection Compliance Certificate

Network
The Public Services Network (PSN) is intended to create a “network of networks” to enable the delivery of government services from any provider or location. You will need a Public Services Network connection compliance certificate in order to connect to the PSN. This is so it remains a secure environment for all the public service organisations. Your organisation will have to pass the compliance process to demonstrate that the infrastructure is secure enough to connect to the PSN without presenting a risk.

You have to not only meet the government’s IA requirements but also make commitments regarding how you will continue to ensure the security of the PSN in the future.

Five steps are involved in this process, as described on this page on the Gov.uk website, and you must complete each of these to complete your application. These include:

  1. Complete a CoCo, which stands for Code of Connection
  2. Provide network diagram
  3. Provide an ITHC report
  4. Update contact details
  5. Submit application documents

Here are more details about each of these five stages.

Stage 1 – Complete a CoCo

The PSN Code of Connection document is an application form that you must complete, and it provides details about the infrastructure that you want to connect. It also outlines the requirements you must meet. It includes the cover page, details about your PSN environment, operational security, boundary protection and interfaces, protecting data, security testing and more.

Stage 2 – Provide Network Diagram

You will need an up-to-date diagram of the network infrastructure, and this will show the potential risks it might present. The network diagram must be under six months old, and it should include the name of your organisation, the date that the diagram was created, details of local connections, the location of gateways and other security devices and more.

Stage 3: Provide an IT Health Check (ITHC) Report

You will need to send the report of your most recent IT Health Check (ITHC) report that will show up any vulnerabilities along with what you have done, or plan to do, to fix them. You will need the services of a specialist PSN health check provider for this, so make sure you find one with the required experience and track record.

Your report must be completed within the last year, and it must show the specific actions that will be carried out to deal with problems. Make sure it also includes a ‘lessons learnt’ statement, which explains how the same issues will be avoided in the future.

Stage 4: Update Contact Details

You must also send the contact details for important roles in the organisation so that the correct people can be informed about any issues that arise. Make sure that these details are kept updated.

Stage 5: Submit Application Documents

This is the final stage. After you have completed the others, simply email the documents to the PSN team, and the details of where to send the documents can be found at this page.

Wait to Receive Notification that You Have Achieved PSN Compliance

After you have submitted your application, it will be validated and reviewed by the PSN team, who may contact you to confirm some details. If it is OK, the process should not take longer than four weeks, but it may take longer if you have to address any details. After that, you will receive notification that you have achieved PSN compliance.

 

Jonathan Cole has a senior IT role within a multinational organization. He enjoys the opportunity to share his insights with an online audience and has posted his thoughts across a variety of relevant websites.