Why?
If you supply to the public sector, Information Risk Management should be on your agenda. The UK Government Cyber Security Strategy requires all UK based organisations to raise their cyber security game against an increasing cyber based threat.
If you work with sensitive Government information, most of the security controls you would have been required to comply with to date were physical and procedural. The Cyber Security Strategy sees this as a weakness that needs to be addressed:
“Just as we already place certain requirements on contractors’ physical security, it now also makes sense to look again at our requirements on cyber security, as the means through which attempts to steal data are now most likely to come.”
The UK Cyber Security Strategy – Protecting & promoting the UK in a digital world, Nov 2011.
As a supplier holding sensitive government information, parts of your business are bound by the mandatory requirements as detailed in the SPF. The SPF makes it clear that a structure is needed for managing your information risks. The Information Risk Management approach provides that structure and will make you better able to respond to any new requirements levied against you by Government. But why stop there if you have to improve your game for government information? Why not leverage that investment to improve how you protect your own information that has significant business value?
What?
Ascentor has a great deal of experience in developing realistic Information Risk Management structures that support the mandatory requirements within the SPF. The SPF calls for any organisation holding sensitive government data to have “an appropriate security organisation (suitably staffed and trained) with clear lines of responsibility and accountability at all levels of the organisation…” Ascentor can work with you to ensure that you meet all the applicable aspects of the SPF and remove the business impact of non-compliance or worse, a compromise of government information.
How?
Working with Ascentor will help you to reduce the risk to the Government information you hold AND deliver wider business benefits managing the risks to your own information. Looking at both will deliver cost efficiencies and strengthen your business across the board.
Next Steps:
For more information and to arrange a no obligation Risk Review Meeting to discover what’s important to your business or project, please get in touch. Contact Dave James for a confidential discussion:
Telephone: 01452 881712 or 07787 506889
Email: dave.james@ascentor.
