Cyber Defence in Depth Stage 3: Management

Manage your cyber security risks

For many organisations, managing cyber security risks requires a more intensive approach than simply implementing basic protections. Cyber security isn’t a destination – it is an ongoing process, requiring continual evaluation, maintenance and revision.

This should include such measures as embedding risk-based security controls in corporate processes, managing the security of supply chains and carrying out regular audits to ensure security controls remain up to date.

ISO 27001 is the international standard for an ISMS (information security management system), a risk-based approach to information security that encompasses people, processes and technology. Independently audited certification to the Standard demonstrates to customers, stakeholders and staff that the organisation has implemented and maintains information security best practice.


GDPR compliance

All organisations that process personal data must be able to demonstrate their compliance with the UK GDPR and DPA (Data Protection Act) 2018. Those that provide goods and services to, or monitor the behaviour of, EU residents must also comply with the EU GDPR.

GDPR compliance involves implementing appropriate technical and organisational measures to secure any personal data you process, keeping records of all processing activities, conducting data protection impact assessments where required, and training staff – as well as a great deal more.

From GDPR and DPA 2018 training to GDPR compliance solutions and consultancy services, we have everything you need to help ensure your processing of personal data complies with the law.


GDPR compliance

Documentation is a large part of any management system or other compliance project. Having the necessary policies and procedures to ensure your compliance, and the records to demonstrate it, can be difficult.

Our documentation toolkits contain customisable templates created by expert practitioners to help you get your documentation right first time, and much faster than creating it from scratch.

The toolkits cover ISO 27001, the DPA 2018 and GDPR, Cyber Essentials, the PCI DSS (Payment Card Industry Data Security Standard), ISO 22301, and more.

