The UK Government has recognised that some of its biggest information security risks come through the supply chain, and G Cloud 9 is the first serious framework vehicle aiming to address that challenge.
Clauses 12, 13 and 16 in the G Cloud 9 (draft) call-off contract focus on information security. In the main framework agreement, clause 8.87 emphasises the need for physical and IT security to follow Good Industry Practice. Non-compliance will simply mean losing existing business and not winning anything new with government in future.
So having an Information Security Management System (ISMS) is no longer an option but an essential part of doing business. Suppliers need to meet an array of requirements including Cloud Security Principles, Risk Management Principles, 10 Steps to Cyber Security, Security Policy Framework etc.
Whilst we have built the government frameworks into ISMS.online, achieving ISO 27001:2013* goes a long way to delivering those requirements and demonstrates Good Industry Practice. It is also of immense value in being trusted to supply services outside UK government, e.g. in the private sector. It also positions your organisation well for EU GDPR from May 2018.
Our belief is that every organisation which has customer or other valuable information should have an information security management system (ISMS). UK Government is now seeking to ensure that happens, at least when it comes to protecting data it controls.
Of course, there have always been barriers to achieving an ISMS, whether time, cost, complexity or, arguably the biggest one, customer demands simply not being there. Now those customer demands are coming through thick and fast in both the private and now the public sector. With regulation following hot on their heels in the form of EU GDPR, doing nothing is just not an option.
With ISMS.online we have been looking at how we can help organisations with the time, cost and complexity challenge, and have solved that too! Whether you are large, small, public, private or third sector, and whether your interest is internal or in supporting your supply chain, we have packages to meet your needs and budget.
ISMS.online integrates and packages all the strategic requirements into a fast, simple, low-cost and flexible solution for your success, freeing you up to concentrate on the operational aspects underpinning your ISMS and the core business itself.
*ISO 27001:2013 above also implicitly includes consideration of ISO 27002, ISO 27017:2015 and ISO 27018:2014.