| |
'Within my organisation information
plays a pivotal role in supporting all aspects of the
business, including operations, financial planning,
sales and marketing and business strategy. Without this
information, whether it is customer details or financial
forecasting data, we would find it almost impossible
to make clear, well informed decisions. Corruption or
misuse of this data is also cause for serious concern
since it can result in considerable financial loss,
and perhaps more importantly, loss of confidence amongst
customers, employees, investors and other stakeholders.
Maintaining the confidentiality, integrity and availability
of our key business information has become a key target
for us and the safeguarding of information is now a
top priority. Of course, we understand that there will
always be an element of residual risk that cannot be
avoided, but at least we are aware of this and are doing
everything practicable to protect our organisation's
business information.
Over the past year we have invested significant resources
into ensuring that our organisation meets current best
practice as defined by BS7799
(the second part of ISO17799), the British Standard
that sets out the requirements for an Information Security
Management System (ISMS),
and provides a practical and hands-on route to implementation.
The benefits of having such a system are wide ranging;
alignment or certification to BS7799
provides peace of mind through clear and effective risk
management, helps build confidence amongst all stakeholders
in the business, and provides us with a competitive
advantage in the market place. More recently, particularly
for Government framework contracts, the ability of an
organisation to demonstrate its understanding of and
adherence to BS7799
has become pivotal to a successful tender. After all,
BS7799 also supports
key Government legislation such as the Data Protection
Act, the Health and Safety Act and the Computer Misuse
Act.
Next Page >>
|
