Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Government personal data handling assistance from Advent IM

Advent IM : 18 May, 2009  (Application Story)
Advent IM is helping government departments to gain compliance to information assurance standards
Advent IM, the independent information assurance and physical security consultancy, today announces that its Director of Information Assurance, Mike Gillespie has become one of the UK's first certified Auditors for the new HMG Information Assurance Standard No. 6 (IAS6), 'Handling Personal Data and Managing Information Risk'.

The standard applies to Central Government departments and agencies and their suppliers and service providers, who between now and 15th June 2009 are mandated to submit a statement of compliance to the new Standard as part of their annual Statements of Internal Control (SiC). Mike Gillespie at Advent IM is one of the few CESG1 Listed Advisor Scheme (CLAS2) consultants in the UK, trained to audit IAS6 compliance and assist Senior Information Risk Owners (SIROs) to collect evidence across the delivery chain for use in their Information Risk Reports, as required by Cabinet Office.
.
IAS6 and its supporting methodology Good Practice Guide 15 (GPG 15) have been jointly developed by CESG and the Cabinet Office and provide guidance on the protection of personal data and managing information risk. The Standard supports the Government's new Security Policy Framework (SPF), specifically Mandatory Requirement 14 (which requires departments and agencies to follow procedures for handling and protecting citizen or personal data), and the recent Data Handling Review.

Figures quoted in February 2009 by The Information Commissioner's Office (ICO), state that since the security breach at HM Revenue and Customs last year, companies and government bodies have reported a significant increase in the number of data breaches. The ICO reported 99 incidents in the public and private sector in the three months occurring since November 2008, compared to 277 breaches in the whole of the previous 12 months, further justifying a need for such a standard to adhere to.

IAS6 is one of several initiatives planned by Central government, which will include tighter regulations on data holders and data processors, as defined in the Data Protection Act. The Information Commissioners Office (ICO) has also been given significantly increased powers to investigate and prosecute.

Mike Gillespie, Advent IM Director of Information Assurance said, "Government data breaches occur on a worryingly frequent basis. Many departments are failing to comply with legislation such as the Data Protection Act, often paying little more than lip service to the statutory obligations the act imposes for the protection of personal data. Some often lose sight of the fact that just because they hold personal data, that data still remains the property of the individual. IAS6 will help departments, agencies and suppliers become accountable for personal data and implement risk mediated controls to prevent security breaches."

As well as being a CLAS Consultant and trained IAS6 Auditor, Mike Gillespie has extensive experience in delivering best practice information security management services to Central Government departments and agencies and their suppliers and service providers. He is also an experienced lead auditor for the International standard for information security management (ISO 27001/BS7799) which underpins the majority of HMG guidance.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo