|
|
Information Assurance Policy is the foundation of CESG’s business.
CESG develops HMG policy for protecting data and advises on its implementation.
Underpinning all our work is the principle of risk management. We
take an experienced balanced view of risk to identify appropriate
countermeasures, thereby giving you a sound basis from which to make
informed decisions on managing the risks to your data.
This work is managed by the IA policy unit as a 'common-good' activity
on behalf of all UK government departments and agencies. The guidance
we produce is intended mainly for this audience, but may also have
relevance for local government and others in the public sector.
Areas where we issue policy and guidance include:
- Securing electronic government services to the citizen
- Securing government connections to the Internet
- Securing the connection of business domains
- Assessing security needs for systems and networks
- Protection against hacking and computer viruses
- Approving the security of government IT systems
- Disposing of computer media used for sensitive information
- Passwords and other methods of authentication
- Interpreting and implementing national IA policy and standards
High-level IA policy originated by CESG is issued to government users
under Cabinet Office auspices, either as part of the HMG
Security Policy Framework (pdf) or in the HMG Information Security
Standards series. Manuals supplement these in greater detail.
To obtain copies of CESG Policy, please contact the CESG Enquiries,
CESG, Room A2j, Hubble Road, Cheltenham, Gloucestershire GL51 0EX
or telephone 01242 709141. |