Data protection guide to be issued by ISAF

Company directors will soon be receiving a guide to their legal responsibilities to protect data and how they can address them.

Company directors will soon be receiving a guide to their legal responsibilities to protect data and how they can address them.

The guide will be the first tangible result of the formation of the Information Security Awareness Forum (ISAF) this week. ISAF chairman David King said the guide was aimed at company directors, owners and managers of small and medium companies, consumers and politicians and civil servants.

He said the forum aimed to unify viewpoints and messages on the need for secure behaviour. It aimed "to reduce overlaps and fill gaps" between the many different parties interested in information security.

ISAF presently consists of 17 such bodies. They include the Information Systems Security Association, which led the forum's formation, the British Computer Society, the business/parliamentary group Eurim, the Jericho Forum and GetSafeOnline.

He said the forum aimed to raise awareness of the need for secure handling of personal data and secure online behaviour. The guide, due out in April, was the first tangible result. ISAF, which is unfunded, would also join in conferences and exhibitions, but it was not a lobby group, King said.

He denied ISAF was the information security industry's response to the government's dismissal of the House of Lords science and technology select committee's call to make going online safer.

King said the forum's overall aim was to ensure that information security was built into digital devices and network-based services "out of the box". Depending on priorities, ISAF will approach suppliers organisations such as Intellect and the Internet Service Providers' Association to join ISAF and give effect to this goal, he said.

ISAF members

Information Systems Security Association


British Computer Society

Communications Management Association

European Information Society Group (Eurim)


Institution of Engineering & Technology

Infosecurity Europe

Information Assurance Advisory Council

Institute for the Management of Information Systems

Institute of Information Society Professionals

IUA Digital Risk Working Party

Jericho Forum

Security Awareness Special Interest Group

Worshipful Company of Information Technologists

Information Security Forum

Information Systems Audit and Control Association

Read more on IT risk management