GDS June 2017-July 2018 Cabinet Office Government Digital Service (GDS) Information Security Manager
D2 - Security Testing CCP Certified Skill Example 1
Amongst many other CHECK test procurements undertaken at GDS, including the investigation and startup of CHECK test procurement automation, I was asked to undertake the pen test scoping for a GBEST test program for the GOV.UK platform.
Result : The testing was undertaken at some stage although I was not present in the role when the testing took place. I undertook at least ten other testing projects while at GDS.
We were asked to provide a set of evidence to provide assurance to Other Government Departments that the GDS client organisation’s tool was fit for purpose. One of the activities was to arrange testing of the tool in the context of its use.
Result : A remediation plan was developed and implemented before issuance of an Assurance report . The actions undertaken reduced residual risk to a level of Low which was considered to be within Risk Tolerance for this project.