Organisations hold large volumes of personal and in some cases highly sensitive information about their customers and staff. This may be spread around hundreds of services and thousands of staff. It will be found in many different media and formats: in data systems, file shares, emails, paper files, desktops, laptops and USB sticks. It must be collected legitimately and shared legitimately. The duty of care towards that information is a burden that is growing as information volumes grow and their hosting and transmission methods diversify.
Information Security and Information Governance have risen to the top of company agendas following increasing reports in the national press of leaks, losses and data theft. The Information Commissioner’s Office has since April 2010 been given the power to impose a £0.5m fine on companies guilty of serious breaches.
The Information Security and Compliance environment for organisations is defined by the:
Public sector Information Compliance requirements additionally include the:
Central government also requires compliance with the 2009 HMG Security Policy Framework and the Public Records Acts of 1958 and 1967 while other areas of the public sector such as health, education, police and local government have their own sector-specific compliance requirements.
You want to protect personal information, prevent losses and leaks, avoid ICO intervention and prevent negative press? Cimtech’s Information Security and Compliance Review is the first step.
Our Information Security and Compliance Review report will show where your deficiencies and risks lie. We will suggest remedial action for each deficiency and risk. We will recommend roles and responsibilities, policies and procedures and the change management needed to embed them in everyday working. We will plan a timetable for action which is fully quantified and resourced.
If you want a full Information Security Audit, with RMADs, penetration testing and remediation plans Cimtech can offer CLAS-certified consultants with SC-level security clearance.