PSN Compliance

Are you having challenges acheiving PSN Compliance? Join the club!

In 2013, the transition to PSN by around 600 organisations, most of them local authorities, exposed a number of less than optimal IA practices which required remediation prior to transition to PSN.

Fast forward to 2020 and the current conditions are a straightforward community security standard and are based on good security practice such as the ISO\IEC 27000 series of standards, but many organisations still face challenges understanding what is required, particularly in the area of ITHC scoping and remediation evidence, remote access solutions and unmanaged endpoint solutions. Although the zero tolerance approach is long gone, the same IA conditions from 2013 apply: BYOD solutions need to have demonstrable separation in place from PSN systems and services, and ITHC remediation\mitigation activity must be completed prior to application.

Many organisations have taken their foot off the gas now that PSN has a limited life, but you shouldn’t – the Cabinet Office are working on making something like PSN compliance mandatory for all local and central government, so maintaining your PSN compliance will give you a head start – rather than putting you back to playing catch-up again.

With nearly a thousand connections, all of these organisations are required to meet the PSN Code of Connection, and many will be expected to meet top ups according to their own specialised communities such as Police, Health etc. Lateral Thought have direct experience with the IA conditions in place from PSN including the top ups applied by the Home Office to the Police Service, Law Enforcement Agencies and the Department of Health process for HSCN.

In 2013 through 2018 Lateral Thought assisted over 300 organisations achieve PSN compliance and in addition – through acting within the PSN & Cyber Assurance team within the Cabinet Office – has unique insight into the process and criteria for achieving PSN compliance and how the assessments are undertaken.

Our services, available through the Digital Outcomes and Specialists framework include pre-submission checks, submission planning advice, on site assessments, ITHC remediation advice and liaison.

If you are preparing for your 2018 submission or if you are a new organisation yet to make a submission and join the PSN community, Lateral Thought can help, contact us today – see the page footer for contact details.

For a pre-submission check, our price is £805 – this covers a CoCo review, ITHC review including scope and remediation activity and if required a check of remote access solutions. The output we produce will be in a similar format to that of the Cabinet Office, but without requiring the signature of the Chief Exec, SIRO, S151 Officer etc. This rate also covers liaison and query handling by email/phone. This check is conducted offsite: you will need to get your submission to LT. We have email access via CJSM service which is interconnected with PNN, GSI, GSX and GCSX mail domains. We hold current SC clearance and current NPPV3 clearance for Police work sponsored by the HO NPIRMT team.

For onsite work our rate is £989 per day. Typically, we would expect to spend one day onsite running through the submission and providing support as required. We can also provide assistance if you have already received a rejection notice from the Cyber compliance team at the CO. If you require the onsite service, we would recommend that you also consider a pre-submission check as this will provide for telephone and email queries after the onsite day.

You can procure our services from our standard via the Digital Outcomes and Specialists Framework, or if you would prefer to pay in advance for days\assessments to call off as required, the rate is £900 (not via DOS) for Offsite work or £1000 for onsite work.