Achieving G Cloud Information Security Goals
UK Government Information Security Requirements
UK Government has recognised that some of its biggest information security risks come through the supply chain and G Cloud 9 is the first serious framework vehicle aiming to address that challenge. Having an Information Security Management System (ISMS) is no longer an option but an essential part of doing business.
Clauses 12, 13 and 16 in the G Cloud 9 (draft) call off contract focus on information security. In the main framework agreement clause 8.87 emphasises the need for physical and IT security to follow Good Industry Practice. Non-compliance will simply mean losing existing business and not winning anything new with the government in future.
G Cloud 10 and GDPR
G Cloud 10, is expected to raise the bar higher for data protection and information security perspective, given recent cyber threats. Achieving ISO 27001:2013, alongside meeting the expectations of GDPR, is good industry practice and goes a long way to delivering the requirements. There is immense value in being trusted to supply services in private sector too. And it positions your organisation well for EU GDPR from May 2018.
ISMS.online integrates and packages all the strategic requirements into a fast, simple, low-cost and flexible solution for your success, freeing you up to concentrate on the operational aspects underpinning your ISMS and the core business itself.
If you are considering a G-Cloud listing or need public sector procurement advice, we would suggest you contact one of our partners, Advice Cloud. Advice Cloud are public sector procurement specialists and G-Cloud consultants with over 30 years of experience.
They work with organisations of all sizes, from large multi-billion global entities to Micro/SME businesses and Start-ups; Central Government Departments, Local Authorities, Blue Light services, Education, Housing, Healthcare/NHS, and more.
“We recognised that to achieve our business objectives we needed a framework for information security management. When we looked into ISO 27001: 2013 we thought it was going to be really tough so kept putting it off, focusing on other priorities.
However, now we’re on the journey, what we thought was overwhelming, has been made much easier by using ISMS.online. The engaging methods behind their complementary coaching service help enormously in understanding what is required for success and how you accomplish that.”
Mike Saunt, Managing Director, Astun Technology