18 April 2017
The past five years have seen unprecedented media coverage of high profile cases of data loss which have resulted in significant negative publicity.
The impact is greatest where the loss relates to personal information. Our consultants will employ their significant experience to support your charity in ensuring you have appropriate policies, strategies and processes in place to minimise the risk of an information security incident.
Information is a critical asset for any charity and it is essential that charitable organisations implement and maintain robust processes to ensure information on service receivers, funders, donors or sensitive case management information is secure. The Information Commissioner was granted new powers in April 2011 to enforce financial penalties of up to £500,000 for a breach of the Data Protection Act 1998.
Our knowledge and experience of the practical and legislative requirements of maintaining effective information security mean that we are able to ensure that your charity minimises the risk of a data loss incident occurring.
We develop and implement information security management systems consistent with the requirements of the international information security standard, ISO27000.
We can also conduct reviews against ISO27000, produce a gap analysis and develop remedial plans to address any identified risk areas. This includes coverage of areas such as:
Our reviews will also cover the business processes of your charity to confirm compliance with the Data Protection Act 1998.
Our approach is as follows: