Let’s take a look at what an ITHC is and how, and why, it is carried out. An ITHC, sometimes referred to as an IT Health Check, is basically an IT security evaluation that is requisite, as part of an accreditation process for a variety of government computer systems in the United Kingdom.
An external service provider generally performs an ITHC, although CESG personnel may perform ITHCs on particularly sensitive systems. It can handle both applications and infrastructure, and involves an aspect of penetration testing.
IT Health Checks are essential to guarantee correct performance of security functionality and to recognize vulnerabilities in IT systems and networks which may compromise privacy, integrity or accessibility to info held on the system.
The IT Health Check service is there for the benefit of HMG and CNI end users who desire to have their sensitive IT systems and networks checked for weaknesses.
The service consists of an analysis of the acknowledged systems and network to spot any weaknesses based on widely encountered vulnerabilities and common configuration faults.
The result of an IT Health Check is a report listing all vulnerabilities and recommending efficient security countermeasures.
Although this will provide ease of mind, there is no actual formal assurance level and no certificate awarded as a result of an IT Health Check.
So, in conclusion – The health checks performed in an ITHC compare your existing IT equipment, systems, processes and policies to those we recommend as best practice including: Backup solution, Power management, Virus and malware protection, File storage and access control, Access for remote workers and/or branch offices, Physical security of your server room /IT, Scalability of your infrastructure, This will culminate in a set of recommendations that you can choose to adopt in order to improve your IT system.
Finally – with companies becoming increasingly reliant on IT during their daily running, isn’t it time you discovered how your IT systems shape up?
