Should your organisation choose to produce their business continuity management system using the ISO 22301 standard for either accreditation (as required by the Department for Education, education and skills funding contract requirements) or for compliance then it would make sense to use the same standard to guide the production of your disaster recovery management system […]
Author: Noel Davis
This is the first of a series of related blogs posts, more to follow soon. Business continuity and disaster recovery planning is essential to ensuring the organisation can recover from an effect that impacts the business delivery processes. Business continuity planning is a senior leadership responsibility as it should have contingencies for all functional areas […]
Defining the scope of your Cyber Essentials assessment will be difficult. Ideally it should to be done right at the beginning of the process and should apply to the whole organisation. Most likely though, it will develop as the answers to the section questions are collected and developed, and determining if mitigation is required […]
Cyber Essentials (CE) is a base level security accreditation that demonstrates a security posture that is compliant the National Cyber Security Centre (NCSC) recommended guidelines for small to medium enterprises (SME). It allows funders, customers and staff to have confidence that organisational policy, processes, user practices and IT infrastructure provide a risk assessed and […]
The Education and Skills Funding Agency (ESFA) had initially amended the contract for those who receive that funding to attain the ISO27001 Information Security Management certification. Jisc and the AoC made representations citing that the scale of work, redirection of resource and the very short time frame was an unrealistic expectation for the sector. […]