|
|
| Professionalisation, Education and
Training(PE&T) |
| |
| CESG, in collaboration with
others, is working to improve information risk management across
HMG, the wider public sector and their suppliers by raising
levels of Information Assurance awareness and professionalism.
|
| |
| The IA landscape |
Everyone who works in the public sector needs some level of
understanding of, or expertise in, managing information risk.
Whether you work in a technical capacity with information and
communications products and systems or simply use information
to achieve a business outcome, you need to understand information
risk. However, the level of understanding required – from
basic awareness to expert - will vary depending on your role.
The public sector and its suppliers need to adopt a more rigorous
approach to information risk management to ensure that they
have the right knowledge, skills and competence to manage their
information risks. |
| |
| Professionalisation, Education
and Training in IA |
Through professionalisation, education and training, CESG
aims to raise the level of Information Assurance (IA) professionalism
and skill across HMG, the wider public sector and their suppliers
to improve information risk management.
CESG is working with a range of stakeholders including other
government departments, professional bodies, academia and industry
to create an environment where government employees and suppliers
have the appropriate IA awareness and skills to do their job.
The diagram below illustrates the types of IA roles identified
and the level of skills, knowledge and awareness typically required
for those types of roles ranging from the deep, specialist skills
of the IA technical experts to those who need enough awareness
to be able to handle information safely and responsibly. |
| |
 |
| |
| Background - The strategic drivers |
The National IA Strategy calls for ‘improved professionalism
across all areas of the IA sector’. It states that ‘work
will be taken forward to ensure that IA professionals are given
the same opportunities as those within the Government IT Profession’.
The National Cyber Security Strategy calls for the ‘growth
of skills and expertise needed by the Government and Industry
in the cyber security field’. Information Assurance skills
are an important factor in managing the information risks to
public sector systems in cyberspace.
Recognising that Cyber and IA are closely linked, The Office
for Cyber Security and Information Assurance (OCSIA) in the
Cabinet Office is bringing together the current cyber and IA
strategic approaches. The new Cyber Security Strategy, to be
published later this year, will set out the Government's response
to the challenge of protecting the UK's interests in cyberspace. |
|
