Good information management underpins good information security. This is increasingly the case in the digital era. The Government’s Security Policy Framework states:
The effective management of information is critical to safeguarding it. Government organisations will consider good information management practice as the basis for their information security arrangements.
Having good policies, procedures and training in place, as well as the right technical environment, to understand and manage your information and data assets will therefore help you to manage your security-related information risks. See our information management guidance and standards pages for general information management guidance. For guidance on information security, the following sources of information are useful.
Policies
Security Policy Framework, Cabinet Office
Cyber security
For further guidance on information assurance and cyber security see the following resources:
10 steps to cyber security, BIS
Information Risk Management Guidance, CESG
Security top tips, BCS
Cyber research and guides, CPNI
HoMER tool, CPNI
Risk and information risk guidance
Guidance and tools for assessing risks to your information.
The Orange Book, HM Treasury
Cyber risk, The Insititute of Risk Management
Risk guides, The Institute of Risk Management