For an overall organisational view, the package can be used to provide a more detailed, than the Silver package, understanding of the organisations security posture. Including a level of security control review, training and awareness review, policy and process review, physical security review and IT Health Check (Penetration Testing).
The Gold bundle can be used to write a compliance document to support an attestation of compliance to the HMG G-Cloud Cloud Security Principles, or to provide a Privacy Impact Assessment document to ensure conformance to the Data Protection Act 1998.
A Gold level package could also be used to produce a
baseline security architecture document, that will provide the organisation
with a view of the threats, risks and controls required to limit risk and
suitable secure ICT and customer data, for example.
Designed by Matilda