Clauses 12, 13 and 16 in the G Cloud 9 (draft) call off contract focus on information security. In the main framework agreement clause 8.87 emphasises the need for physical and to follow Good Industry Practice. Non compliance will simply mean losing existing business and not winning anything new with government in future.
So having an Information_security_management_system_-_isms”>Information Security Management System (ISMS) is no longer an option but an essential part of doing business. Suppliers need to meet an array of requirements including Cloud Security Principles, Risk Management Principles, 10 Steps to Cyber Security, Security Policy Framework etc…….
Whilst we have built the government frameworks into ISMS.online, achieving ISO 27001:2013* goes a long way to delivering those requirements and demonstrates Good Industry Practice. It is of immense value in being trusted to supply services outside UK government too e.g. in the private sector. It also positions your organisation well for EU GDPR from May 2018.
Our belief is that every organisation which has customer or other valuable information should have an information security management system (ISMS). UK Government is now seeking to ensure that happens, at least when it comes to protecting data it .
Of course there have always been barriers to achievement of an ISMS, whether time, cost, complexity, or arguably the biggest one, customer demands simply not being there. Now those customer demands are coming through thick and fast in both private and now public sector. With regulation following hot on its heels too with EU GDPR, doing nothing is just not an option.
With ISMS.online we have been looking at how we can help organisations with the time, cost and complexity challenge and have solved that too! Whether you are large, small, public, private or third sector, and interested internally or in supporting your supply chain, we have packages to meet your needs and budget.
ISMS.online integrates and packages all the strategic requirements into a fast, simple, low-cost and flexible solution for your success, freeing you up to concentrate on the operational aspects underpinning your ISMS and the core business itself.
*27001:2013 above also implicitly includes consideration of 27002, 27017:2015 and 27018:2014