You can start sending questions through straight away
G-Cloud Framework (RM) CloudStore - Keep an eye on the website and the twitter account for news #BuyCamp How to book a place? Assurance Ongoing in parallel with accreditation.
Add something about giving confidence to the customer?
through the programme and the Pan Government Accreditors (PGAs) Customers will still need to ensure that the accreditation and assurance activities are suitable to meet their risk profiles and will need to consider the service as part of their internal accreditation process, perhaps considering the service in the reliance scope of their internal accreditation.
FROM PSN RMARD The service provider manages and is accountable for the schedule and cost of compliance for their service(s) The process as far as possible ensures that government resources (the PSNA, PGA and CESG Security Architects) are involved only as really needed and are not engaged by a service provider who is speculatively putting up a service for accreditation and haven‟t really done the work that is needed to take them successfully through the process. The same on-boarding process is applied for services across all impact levels TEMPLATE AVAILABLE ON THE SUPPLIER ZONE. Check you have the latest version - we may revise the guidance notes. Same applies if a service has already been accredited.
For IL2 could include..... For IL3 could include....
CESG!
The T&C’s allow the supplier the option of using an independent auditor instead of a site visit with certain restrictions. The IA guidance says that in certain exceptional circumstances a site visit may be required as part of ‘ISO/IEC 27001 audit and certification’. If the latter is the case this will be discussed with the supplier during the accreditation process.