IT Health Check (ITHC): supporting guidance

Use this document as a guide when arranging your ITHC.



This guide will help organisations establish the scope and requirements for preparing a ITHC as part of a PSN compliance submission. It provides a minimum set of requirements that should be included.

Published 19 August 2013
Last updated 23 February 2022 + show all updates
  1. Updating to clarify that CVSS version 3 or 3.1 should be provided

  2. We've changed references from CESG to NCSC and updated the supporting links.

  3. Details in paragraph 2.2 internal testing expanded for clarification

  4. Updated to align with the revised security policy.

  5. First published.