|ICO - Accountability Framework||27/11/2020 11:17||Accountability is one of the key principles in data protection law – it makes you responsible for complying with the legislation and says that you must be able to demonstrate your compliance.
It’s a real opportunity to show that you set high standards for privacy and lead by example to promote a positive attitude to data protection across your organisation.
Accountability enables you to minimise the risks of what you do with personal data by putting in place appropriate and effective policies, procedures and measures. These must be proportionate to the risks, which can vary depending on the amount of data being handled or transferred, its sensitivity and the technology you use.
Regulators, business partners and individuals need to see that you are managing personal data risks if you want to secure their trust and confidence. This can enhance your reputation and give you a competitive edge, helping your business to thrive and grow.
The ICO accountability framework is published under the Open Government Licence V3.0
|ISO 27001||22/11/2020 15:06||ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.
ISO 27001 was developed to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system.||Details|
|IASME Governance V11c||27/11/2020 10:30||Details|
|Home Working Controls||31/03/2020 13:37||Home Working Controls||Details|
|NCSC CAF||29/05/2020 09:55||Details|
|Cyber Essentials (IASME)||22/11/2020 15:05||Cyber Essentials is a simple but effective, Government-backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.
Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked.||Details|
|PCI DSS||15/09/2020 18:41||PCI DSS are security standards that help to ensure that any company that uses credit card information maintains a secure infrastructure.||Details|
|Cyber Essentials (CREST)||14/10/2019 11:58||Government-backed scheme to help organisations protect themselves against common cyber attacks.||Details|
|GDPR||14/12/2019 02:18||The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy for all individual citizens of the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.||Details|