CESG IA Good Practice Guides (GPGs) provide guidance on specific aspects of IA in order to help manage risk effectively.

Information surrounding some of these document is controlled. Below is a high level overview. If you have a requirement that involves these GPGs, please contact us at standards@platinumsquared.co.uk

• CESG Good Practice Guide No. 1   - Superseded with parts of IS4^*. The original guide related to secure telecommunications
• CESG Good Practice Guide No. 2   - Advice On Handling Files With Possible Malicious (Content superseded with parts of IS4)
• CESG Good Practice Guide No. 3   - Securing Bulk Data Transfers ^*
• CESG Good Practice Guide No. 4   - Remote Access to PROTECT Data ^*
• CESG Good Practice Guide No. 5   - Securing Data At Rest On Laptops ^*

 

• CESG Good Practice Guide No. 6   - Off-shoring: Managing the Security Risks
• CESG Good Practice Guide No. 7   - Protection from Malicious Code
• CESG Good Practice Guide No. 8   - Protecting External Connections to the Internet
• CESG Good Practice Guide No. 9   - Taking Account of the Aggregation of Information
• CESG Good Practice Guide No. 10 - Remote Working ^*

 

• CESG Good Practice Guide No. 11 - KVM Switches
• CESG Good Practice Guide No. 12 - Use of Virtualisation Products for Data Separation: Managing the Security Risks
• CESG Good Practice Guide No. 13 - Protective Monitoring for HMG ICT Systems
• CESG Good Practice Guide No. 14 - UK Requirements for TEMPEST Countermeasures ^*
• CESG Good Practice Guide No. 15 - Auditing Compliance with HMG Information Assurance Standard No. 6

 

• CESG Good Practice Guide No. 16 - Taking Cryptographic Items overseas^*
• CESG Good Practice Guide No. 17 - Client System Security
• CESG Good Practice Guide No. 18 - Forensic Readiness
• CESG Good Practice Guide No. 19 - Managing Accreditation - Governance, Structure & Culture
• CESG Good Practice Guide No. 20 - ICT Service Management - Security Considerations
• CESG Good Practice Guide No. 21 - Video Conferencing

 

• CESG Good Practice Guide No. 23 - Assessing the Threat of Technical Attack Against ICT Systems
• CESG Good Practice Guide No. 24 - Security Incident Management
• CESG Good Practice Guide No. 27 - Online Social Networking
• CESG Good Practice Guide No. 28 - Improving Information Assurance at the Enterprise Level
• CESG Good Practice Guide No. 29 - ICT Security Aspects of Collaborative Working

 

• CESG Good Practice Guide No. 35 - Protecting an Internal ICT Network

^* denotes controlled material.

Extracts taken from HMG Documentation. © Parts of this document are copyright, reserved and vested in the Crown.

For more information from CESG, please visit: www.cesg.gov.uk