ProCheckup is an NCSC-approved CHECK company, fully accredited to perform IT Health Checks (ITHCs) against HMG and CNI environments. With multiple CHECK team leaders and members, ProCheckUp has been regularly performing ITHCs for over 7 years. We combine the team’s methodologies with the CHECK requirements outlined by CESG/NCSC for CHECK engagements in order to provide high quality services and deliverables. ProCheckUp enjoys a close working relationship with our clients, and acknowledges the importance of their role in helping HMG/CNI departments improve security and help defend against attack. CHECK is a way to ensure HMG and CNI environments are being properly audited by an approved provider that is subject to stringent checks.
ProCheckUp ensures that all client engagement requirements are met on an individual basis. For clients uncertain of what is included in an CHECK audit, ProCheckUp can help in scoping ITHCs to ensure that adequate coverage is gained. This will provide a good understanding of the security posture of the environment, and help towards any accreditation process which may be taking place.
Upon completion of an IT Health Check, the main deliverable is a CHECK-standard technical report which includes full details of all issues identified, along with recommended remediation steps, as well as an executive summary section which includes a high-level description of the higher-risk security issues identified. For a more detailed description of what will be included in the report, click here.
Both CVSS scoring and a ProCheckUp risk ratings are provided for each identified issue to ensure that the impact, exploitability and severity can be easily understood. It should be noted that notification of any serious security vulnerabilities (i.e. those rated as critical risk) will be made to the designated client point of contact during the engagement in case they require immediate remedial action.