Certificate of compliance pdf template

How organisations certificate of compliance pdf template renew or get a PSN connection compliance certificate so they can connect to the PSN. How organisations can renew or get a PSN connection compliance certificate so they can connect to the PSN.

If you are registered with Companies House or the Charities Commission, you should provide the unique registration number they have provided you. You must also provide point of contact details. You won’t need to complete this section, but it’s still extremely important that you make sure you have read and understood our requirements. We’ll work with you to identify the remediative work you need to undertake and agree an achievable time frame for their implementation. Wherever possible, our requirements specify a security outcome rather than prescribe a technical solution.

Where we provide examples of solutions, you are welcome to adopt these solutions or explore alternatives. It’s important to us that the security outcome is achieved, not how you achieve it. You’ll also need to consider any data handling agreements you have with other data owners. We require you to have policies, processes and procedures in place ensuring the secure operation of your infrastructure. Even well-managed systems develop vulnerabilities over time. A sensible security policy will not only assess vulnerabilities arising from new systems, hardware etc but will monitor your existing infrastructure for the emergence of exploitable vulnerabilities.

This should be done at regular intervals, dependent on the severity of the vulnerability. Not every vulnerability has a patch available, so you need to take some other steps to reduce the potential impact of an exploit against that particular vulnerability. The default, out-of-the-box configuration of many of the systems, software and services you use are likely to leave your infrastructure vulnerable. It is important that you have control over the configuration of these elements of your infrastructure and use that control to configure them to provide an appropriate level of security. As an absolute minimum you should have good, well-configured antivirus software for all devices, systems and services.