Information assets & management

Information assets & management guidance:

This Practice Note is intended as a quick guide which outlines the main cyber threats commercial organisations face, and identifies some top tips for firms in defending...

Practice Note

What is BYOD? 'Bring your own device' (BYOD) refers to arrangements where an organisation allows designated employees to connect to its corporate IT network using their...

Practice Note

This Practice Note summarises key points from the first legal threat report published by the National Cyber Security Centre (NCSC). The report has been compiled with the...

Practice Note

Corporate finance transactions are a prime target for cyber criminals due to the: • number of people involved • large volume of information being shared • extent to which...

Practice Note

Though taking preventative steps obviously makes good sense (see Practice Note: Cybercrime prevention), it is not possible to totally eradicate the risk of cybercrime or...

Practice Note

Cybercrime is a fast-moving, ever-evolving unpredictable risk to all commercial organisations which must be managed properly. It's estimated that up to 80 per cent of...

Practice Note

The rapid growth of the internet has transformed the way we work. Indeed, the UK has one of the most internet-based economies in the world, with the UK internet market...

Practice Note

Cybercrime is a challenge for internal compliance teams requiring a wider response than, 'it's a job for the IT department'. Cyber risk, like any other risk to your...

Practice Note

This Practice Note provides information on formulating, drafting and implementing a strategic (information and communication technology) ICT plan. What is ICT?...

Practice Note

This Practice Note is intended to help you to draft a robust information management and security policy. Having such a policy helps minimise the chances of data loss or a...

Practice Note

You must have appropriate security in place to prevent personal data being accidentally or deliberately compromised. Information security is wider than cybersecurity (the...

Practice Note

Data security is a cornerstone of the EU General Data Protection Regulation (GDPR). The sixth data protection principle (the integrity and confidentiality principle)...

Practice Note

This Practice Note is intended to help you: • identify the information and data that your company holds and is responsible for (sometimes called your information assets)...

Practice Note

General Data Protection Regulation (GDPR) The GDPR imposes extensive requirements around information security, record-keeping and general information management. For more...

Practice Note

Information security comes with its own world of terminology and technology, which those sitting outside the tech world may struggle to understand. This Practice Note is...

Practice Note

Information security has become a business-critical issue. It is not something you can tackle in isolation, as there are obvious overlaps with cyber security and data...

Practice Note