HMG IA/IS 6 Protecting Personal Data and Managing Information Risk
Platinum Squared can provide an IA6 team to maximise benefit and minimise the time taken to carry out the audit and feedback to your organisation.

Within the CLAS Community, only 22 consultants are certified to audit against IA6. Platinum Squared employs a CESG IA6 Certified Consultant, Trained in Auditing Compliance with IA Standard No 6. Trained to assist SIROs and their representatives to collect evidence across the delivery chain for use in their Information Risk Reports as required by Cabinet Office by 15 June 2009.

IAS6 and its supporting methodology Good Practice Guide 15 (GPG 15) have been jointly developed by the CESG and the Cabinet Office, and provide guidance on the protection of personal data and managing information risk.

The Standard supports the Government’s new Security Policy Framework, specifically Mandatory Requirement 14 (which requires departments and agencies to follow procedures for handling and protecting citizen or personal data), and the recent Data Handling Review.

This Standard consists of two chapters:

  • Chapter 1 sets out the mandatory process measures to ensure that Departments identify and manage their information risks
  • Chapter 2 sets out the mandatory specific minimum measures for the protection of personal information, the release or loss of which could cause harm or distress to individuals.

This Standard does not cover physical and personnel security or business continuity, which are addressed elsewhere in the HMG Security Policy Framework (SPF). Departments MUST also comply with other obligations, such as those under contracts, codes of connection, and the law. The material in the standard reflects good practice as set out in the ISO/IEC 27000 (Information Security Management System) series.

The key terms and abbreviations used in this Standard are intended to be consistent with those used by the International Standards Organisation (ISO) and publications produced, sponsored or supported by the Central Sponsor for Information Assurance (CSIA) and CESG, the National Technical Authority for Information Assurance.

If you have a requirement that involves this Standard please contact us at standards@platinumsquared.co.uk

For more information from CESG, please visit www.cesg.gov.uk

Extracts taken from HMG Documentation. © Parts of this document are copyright, reserved and vested in the Crown.



click


click


click


click


click


click


click
Platinum Squared Ltd - All Contents Copyright © 2010
Terms of Use   -   Privacy Statement