As stories of data leaks and other information security breaches become more commonplace, an increasing number of professional bodies either strongly advise or require their members to be able to demonstrate the application of 'good practice' in security awareness operations.
All of these requirements can be daunting to contemplate. However, we can help you to achieve the standard effectively, which means that, far from being a token requirement or 'hoop' you need to jump through, you will actually end up with safer business operations.
- FSA Regulated Companies are strongly advised to put systems for information security management and staff security awareness in place in line with the guidelines set out in ISO 27001. Further guidelines can be found in the report "Countering Financial Crime Risks in Information Security, Financial Crime Sector Report", which was commissioned by the FSA and published in November 2004.
- PCI-DSS - If your business takes on-line credit card payments then you need to be aware of, and will soon need to comply with, Version 1.1 of the Payment Card Industry Data Security Standard. Although compliance can be achieved through automated online testing and, at lower levels, self-certification of policy and procedural compliance, firms must be able to demonstrate adherence if requested.
- Data Protection. Principle 7 of the UK Data Protection Act, 1998, requires any organisation to maintain "appropriate technical and organisational measures" to protect personal data.
For information about our services regarding ISO27001 and other standards in that series, please check our dedicated page.