darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-06 03:13:42 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix links on the '/features/security' page

Browse Source 
- Changed the 'contact us' link to point to our support form, not the
  Notify homepage
- Updated the link to the details about CHECK based testing, since the
  site we were linking to no longer exists.
This commit is contained in:
Katie Smith
2022-05-19 10:33:41 +01:00
parent d1c6e06bf1
commit 073636d74f
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/templates/views/security.html
View File

@@ -52,7 +52,7 @@
<li>your email address and password</li>
<li>a text message code that Notify sends to your phone</li>
</ul>
<p class="govuk-body">If signing in with a text message is a problem for your team, <a class="govuk-link govuk-link--no-visited-state" href="https://www.notifications.service.gov.uk/">contact us</a> to find out about using an email link instead.</p>
<p class="govuk-body">If signing in with a text message is a problem for your team, <a class="govuk-link govuk-link--no-visited-state" href="{{ url_for('main.support') }}">contact us</a> to find out about using an email link instead.</p>
<h2 class="heading-medium" id="information-risk-management">Information risk management</h2>
<p class="govuk-body">Our approach to information risk management follows NCSC guidance. It assesses:</p>
@@ -67,7 +67,7 @@
<p class="govuk-body">Things we do to manage risks on Notify include:</p>
<ul class="list list-bullet">
<li>formal risk assessments based on <a class="govuk-link govuk-link--no-visited-state" href="http://www.iso.org/iso/catalogue_detail?csnumber=56742">ISO 27005:2011</a> and National Cyber Security Centre guidance</li>
<li><a class="govuk-link govuk-link--no-visited-state" href="https://www.cesg.gov.uk/articles/check-fundamental-principles">CHECK</a>-based testing, both annually and when any major changes are made to Notify</li>
<li><a class="govuk-link govuk-link--no-visited-state" href="https://www.ncsc.gov.uk/information/check-penetration-testing">CHECK</a>-based testing, both annually and when any major changes are made to Notify</li>
<li>residual risk statement preparation and active management of the risk treatment plan</li>
<li>regular updates to the Privacy Impact Assessment</li>
<li>security impact assessments</li>