The government last week launched its
national information assurance strategy (NIAS), which aims to
give citizens, businesses and government full confidence in the way
the public and private sector collects, uses and shares
information.
"The strategy now provides a single framework for information
assurance for the whole of the UK," the document says.
Government officials expect the NIAS to change the way
government does business both internally and externally. This will
also affect private and third-sector organisations.
"This means effecting a significant change in the way that some
departments own and manage the risks to their information and
information systems," the strategy document says.
"Organisations will need to relinquish (or recognise that they
have already relinquished) some autonomy in the handling and
management of their information.
"Clear board-level ownership and accountability for information
risks will be required. Where information is shared, a single point
of risk ownership will be identified."
Three government agencies will oversee the work. They are the
Central Sponsor for
Information Assurance in the Cabinet Office (CSIA), CESG (the
information assurance arm of GCHQ), and the
Centre for the Protection of
National Infrastructure.
A Cabinet Office spokesman said it is four years since the last
national IA strategy was published. "It's the right time to
re-evaluate how we approach this fast-changing environment," he
said.
He added the strategy will be revised every one or two years,
taking into account policy and technological developments.
Centre for the Protection of
National Infrastructure >>
Goverment information on the strategy >>
Central Sponsor for
Information Assurance in the Cabinet Office >>
Comment on this article:
computer.weekly@rbi.co.uk