A couple of weeks ago, I gave an update on the alpha prototype of the new PSN compliance process.
Here’s the latest news on what’s going on as we progress to roll out.
We’ve had some great feedback and comments from all those involved so far, which - we’re pleased to say - has been positive and very constructive. We really do appreciate all the feedback we’ve had - whether it’s good, bad or ugly!
We originally asked a broad mix of organisations to get involved in the alpha so that we’d get a proper understanding of how the new process would work for them. It’s been interesting to see how some things that appeared to us to be relatively simple to complete could provide problems for some organisations - but that’s the point of this alpha phase.
To make sure we’ve covered as many bases as possible, we’re now planning to extend the reach of the alpha to more organisations. That will mean we can test the approach on a much wider range of organisations with different set-ups and organisational structures, which will help us iron-out any potential issues before we move to beta. That means the beta may be delayed a little, but the good news is we’re still currently looking at a full roll out in April.
We’ve been contacted by a number of local authorities who are keen to get hold of the draft documents. It’s great to see such a lot of interest in the process and we can understand the desire to start using it as soon as possible, but with the documents still at this alpha stage it just doesn’t make any sense to circulate them any wider. The last thing we’d want is for organisations to submit using documents that haven’t yet been fully tested and finalised, only to have them rejected. If you’ve seen the documents but you’re not part of the alpha, please don’t use them for your submission.
Updated supplier accreditation process
We are revising the accreditation process for suppliers of PSN services, which we’re looking to introduce over the coming weeks. We’re replacing the Pan-Government Accreditor (PGA) scheme with a new Cabinet Office certification process.
Under the new process, the PSN IA team will assess and certify the supplier’s infrastructure. Once the infrastructure is approved, we’ll register each service that the supplier wants to deliver, but they won’t need to be individually accredited.
We're also changing how the services are assessed so they are more in line with G-Cloud. We don't believe that services delivered and consumed via the PSN present any additional risk to those being delivered and consumed via the internet, so we've aligned the service requirements with the Cloud Service Security Principles.
We think these changes will make the process simpler and more cost-effective for suppliers to get certified and help ensure more services are available for PSN-connected customers.
Organisations supplying connectivity services will continue to be assessed through CESG’s PGA scheme.
We’re writing to all current service providers to let them know about the changes as well as those organisations that are currently applying to get their services added, which will be automatically moved to the new process as soon as it’s up and running. We’ll let you know as the applications progress as there may be an initial delay while they are transferred, but please contact us if you have any questions.
We’ll continue to keep you posted as the alpha progresses. Expect another update within the next two weeks.
Don’t forget to sign up to the Government Technology blog.