Achieving G Cloud Information Security Goals
UK Government Information Security Requirements
UK Government has recognised that some of its biggest information security risks come through the supply chain and G Cloud 9 is the first serious framework vehicle aiming to address that challenge. Having an Information Security Management System (ISMS) is no longer an option but an essential part of doing business.
Clauses 12, 13 and 16 in the G Cloud 9 (draft) call off contract focus on information security. In the main framework agreement clause 8.87 emphasises the need for physical and IT security to follow Good Industry Practice. Non compliance will simply mean losing existing business and not winning anything new with government in future.
G Cloud 10 and GDPR
It is worth bearing in mind that the government are soon to bring in G Cloud 10, which is thought to be tougher and more astringent. Achieving ISO 27001:2013 is good industry practice and goes a long way to delivering the requirements. There is immense value in being trusted to supply services in private sector too. And it positions your organisation well for EU GDPR from May 2018.
ISMS.online integrates and packages all the strategic requirements into a fast, simple, low-cost and flexible solution for your success, freeing you up to concentrate on the operational aspects underpinning your ISMS and the core business itself.
“We recognised that to achieve our business objectives we needed a framework for information security management. When we looked into ISO 27001: 2013 we thought it was going to be really tough so kept putting it off, focusing on other priorities.
However, now we’re on the journey, what we thought was overwhelming, has been made much easier by using ISMS.online. The engaging methods behind their complementary coaching service help enormously in understanding what is required for success and how you accomplish that.”
Mike Saunt, Managing Director, Astun Technology