|
|
Information Assurance Policy is the foundation of CESG’s business.
CESG develops HMG policy for protecting data and advises on its implementation.
Underpinning all our work is the principle of risk management. We
take an experienced balanced view of risk to identify appropriate
countermeasures, thereby giving you a sound basis from which to make
informed decisions on managing the risks to your data.
This work is managed by the IA policy unit as a 'common-good' activity
on behalf of all UK government departments and agencies. The guidance
we produce is intended mainly for this audience, but may also have
relevance for local government and others in the public sector.
Areas where we issue policy and guidance include:
- Securing electronic government services to the citizen
- Securing government connections to the Internet
- Securing the connection of business domains
- Assessing security needs for systems and networks
- Protection against hacking and computer viruses
- Approving the security of government IT systems
- Disposing of computer media used for sensitive information
- Passwords and other methods of authentication
- Interpreting and implementing national IA policy and standards
High-level IA policy originated by CESG is issued to government
users under Cabinet Office auspices, either as part of the Manual
of Protective Security or in the HMG Information Security Standards
series. Manuals supplement these in greater detail.
To obtain copies of CESG Policy, please email policy@cesg.gsi.gov.uk
or contact the Customer Support Office, CESG, Room A2j, Hubble Road,
Cheltenham, Gloucestershire GL51 0EX or telephone 01242 709141. |
