Information management & security

Featured guidance
Information management & security guidance:

This practice note describes briefly different types of social media services and websites and explains the key risks associated with social media for organisations,...

Practice Note

This Practice Note is intended as a quick guide which outlines the main cyber threats commercial organisations face, and identifies some top tips for firms in defending...

Practice Note

What is BYOD? 'Bring your own device' (BYOD) refers to arrangements where an organisation allows designated employees to connect to its corporate IT network using their...

Practice Note

This Practice Note examines the law on the use of cookies and similar technologies: • Types of cookies and similar technologies • PECR 2003 and cookies • Responsibility...

Practice Note

This Practice Note summarises key points from the first legal threat report published by the National Cyber Security Centre (NCSC). The report has been compiled with the...

Practice Note

Corporate finance transactions are a prime target for cyber criminals due to the: • number of people involved • large volume of information being shared • extent to which...

Practice Note

Though taking preventative steps obviously makes good sense (see Practice Note: Cybercrime prevention), it is not possible to totally eradicate the risk of cybercrime or...

Practice Note

Cybercrime is a fast-moving, ever-evolving unpredictable risk to all commercial organisations which must be managed properly. It's estimated that up to 80 per cent of...

Practice Note

The rapid growth of the internet has transformed the way we work. Indeed, the UK has one of the most internet-based economies in the world, with the UK internet market...

Practice Note

Cybercrime is a challenge for internal compliance teams requiring a wider response than, 'it's a job for the IT department'. Cyber risk, like any other risk to your...

Practice Note

An electronic signature is the electronic equivalent of a handwritten signature and links a person to the contents of an electronic document. This Practice Note...

Practice Note

This Practice Note provides information on formulating, drafting and implementing a strategic (information and communication technology) ICT plan. What is ICT?...

Practice Note

You must have appropriate security in place to prevent personal data being accidentally or deliberately compromised. Information security is wider than cybersecurity (the...

Practice Note

Data security is a cornerstone of the EU General Data Protection Regulation (GDPR). The sixth data protection principle (the integrity and confidentiality principle)...

Practice Note

This Practice Note is intended to help you: • identify the information and data that your firm holds and that your firm is responsible for (sometimes called your...

Practice Note

This Practice Note explains the key regulatory and statutory provisions governing the management and security of information and data, referred to as information...

Practice Note