IT Regulatory Compliance in the UK
By Alan Calder
()
About this ebook
This pocket guide provides you with a concise and accessible guide to the relevant UK legislation, including the Data Protection Act 1998, the Freedom of Information Act 2000 and the Regulation of Investigatory Powers Act 2000. It explains the importance of keeping and preserving records, and outlines the type of records your organisation is obliged to retain. IT compliance represents a key challenge for information professionals.
Alan Calder
Alan Calder is a leading author on IT governance and information security issues. He is the CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru. He has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.
Read more from Alan Calder
Information Security Risk Management for ISO 27001/ISO 27002, third edition Rating: 4 out of 5 stars4/5IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT Rating: 4 out of 5 stars4/5Information Security Risk Management for ISO27001/ISO27002 Rating: 4 out of 5 stars4/5PCI DSS: A pocket guide, sixth edition Rating: 0 out of 5 stars0 ratingsRisk Assessment for Asset Owners Rating: 4 out of 5 stars4/5ISO 27001/ISO 27002: A guide to information security management systems Rating: 0 out of 5 stars0 ratingsEU GDPR - A pocket guide, second edition Rating: 0 out of 5 stars0 ratingsCyber Essentials: A Pocket Guide Rating: 5 out of 5 stars5/5IT Governance: A Pocket Guide Rating: 3 out of 5 stars3/5IT Governance Critical Issues Series: Cyber Security Rating: 0 out of 5 stars0 ratingsISO/IEC 38500: The IT Governance Standard Rating: 5 out of 5 stars5/5PCI DSS: A Pocket Guide, fourth edition Rating: 0 out of 5 stars0 ratingsCyber Essentials: A guide to the Cyber Essentials and Cyber Essentials Plus certifications Rating: 0 out of 5 stars0 ratingsPCI DSS: A Pocket Guide Rating: 2 out of 5 stars2/5The EU Data Protection Code of Conduct for Cloud Service Providers: A guide to compliance Rating: 0 out of 5 stars0 ratingsNine Steps to Success: North American edition: An ISO 27001 Implementation Overview Rating: 0 out of 5 stars0 ratingsThe Case for ISO27001:2013 Rating: 1 out of 5 stars1/5Selling Information Security to the Board: A Primer Rating: 0 out of 5 stars0 ratingsNetwork and Information Systems (NIS) Regulations - A pocket guide for operators of essential services Rating: 0 out of 5 stars0 ratingsThe Green Office: A Business Guide Rating: 0 out of 5 stars0 ratingsCompliance for Green IT: A Pocket Guide Rating: 5 out of 5 stars5/5Network and Information Systems (NIS) Regulations - A pocket guide for digital service providers Rating: 0 out of 5 stars0 ratings
Related to IT Regulatory Compliance in the UK
Related ebooks
EU General Data Protection Regulation (GDPR) - An Implementation and Compliance Guide Rating: 0 out of 5 stars0 ratingsRegulation, Compliance and Ethics in Law Firms: Second Edition Rating: 0 out of 5 stars0 ratingsPCI DSS: A Pocket Guide - 3rd edition Rating: 0 out of 5 stars0 ratingsPCI DSS: A Pocket Guide, fourth edition Rating: 0 out of 5 stars0 ratingsManaging Information Risk: A Director's Guide Rating: 0 out of 5 stars0 ratingsCyber Guardians: Empowering Board Members for Effective Cybersecurity Rating: 0 out of 5 stars0 ratingsInformation Security Governance: A Practical Development and Implementation Approach Rating: 0 out of 5 stars0 ratingsAn Introduction to Anti-Bribery Management Systems (BS 10500): Doing right things Rating: 0 out of 5 stars0 ratingsThe California Privacy Rights Act (CPRA) – An implementation and compliance guide Rating: 0 out of 5 stars0 ratingsThe REGTECH Book: The Financial Technology Handbook for Investors, Entrepreneurs and Visionaries in Regulation Rating: 0 out of 5 stars0 ratingsIT Audit, Control, and Security Rating: 0 out of 5 stars0 ratingsInformation Privacy A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsNetwork and Information Systems (NIS) Regulations - A pocket guide for digital service providers Rating: 0 out of 5 stars0 ratingsThreat 2.0: Security and Compliance for Web 2.0 Sites Rating: 0 out of 5 stars0 ratingsPrivacy By Design A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsData Protection Compliance in the UK: A Pocket Guide Rating: 5 out of 5 stars5/5Essentials of Corporate Fraud Rating: 0 out of 5 stars0 ratingsData Risk Management Rating: 0 out of 5 stars0 ratingsEnterprise Compliance Risk Management: An Essential Toolkit for Banks and Financial Services Rating: 0 out of 5 stars0 ratingsA concise introduction to the NIS Directive: A pocket guide for digital service providers Rating: 0 out of 5 stars0 ratingsCybersecurity Awareness A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsOperational Resilience A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsBAD MONEY: FinTech as an Instrument in the Battle for Global Dominance Rating: 0 out of 5 stars0 ratingsFraud Prevention A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsGDPR A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsTransaction Controls Monitoring A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsPrivacy Impact Assessment A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratingsRegulatory Technology A Complete Guide - 2021 Edition Rating: 0 out of 5 stars0 ratingsData Technologies A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsGeneral Data Protection Regulation A Complete Guide - 2019 Edition Rating: 0 out of 5 stars0 ratings
Computers For You
The Invisible Rainbow: A History of Electricity and Life Rating: 4 out of 5 stars4/5Elon Musk Rating: 4 out of 5 stars4/5Standard Deviations: Flawed Assumptions, Tortured Data, and Other Ways to Lie with Statistics Rating: 4 out of 5 stars4/5Slenderman: Online Obsession, Mental Illness, and the Violent Crime of Two Midwestern Girls Rating: 4 out of 5 stars4/5101 Awesome Builds: Minecraft® Secrets from the World's Greatest Crafters Rating: 4 out of 5 stars4/5Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5The Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5CompTIA IT Fundamentals (ITF+) Study Guide: Exam FC0-U61 Rating: 0 out of 5 stars0 ratingsHow to Create Cpn Numbers the Right way: A Step by Step Guide to Creating cpn Numbers Legally Rating: 4 out of 5 stars4/5The Mega Box: The Ultimate Guide to the Best Free Resources on the Internet Rating: 4 out of 5 stars4/5The ChatGPT Millionaire Handbook: Make Money Online With the Power of AI Technology Rating: 0 out of 5 stars0 ratingsMastering ChatGPT: 21 Prompts Templates for Effortless Writing Rating: 5 out of 5 stars5/5SQL QuickStart Guide: The Simplified Beginner's Guide to Managing, Analyzing, and Manipulating Data With SQL Rating: 4 out of 5 stars4/5Alan Turing: The Enigma: The Book That Inspired the Film The Imitation Game - Updated Edition Rating: 4 out of 5 stars4/5CompTIA Security+ Practice Questions Rating: 2 out of 5 stars2/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Dark Aeon: Transhumanism and the War Against Humanity Rating: 5 out of 5 stars5/5Procreate for Beginners: Introduction to Procreate for Drawing and Illustrating on the iPad Rating: 0 out of 5 stars0 ratingsThe Professional Voiceover Handbook: Voiceover training, #1 Rating: 5 out of 5 stars5/5The Data Warehouse Toolkit: The Definitive Guide to Dimensional Modeling Rating: 0 out of 5 stars0 ratingsPractical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5Creating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5
Reviews for IT Regulatory Compliance in the UK
0 ratings0 reviews
Book preview
IT Regulatory Compliance in the UK - Alan Calder
Resources
CHAPTER 1: INTRODUCTION
A key challenge for all IT management teams is to ensure that the organization avoids breaches of any criminal or civil law, as well as any statutory, regulatory or contractual obligations, and of any security requirements.
Control A.15.1.1 of ISO/IEC 27001:2005 provides guidance that is relevant to the IT governance of every organization. It says that the organization should explicitly define and document the statutory, regulatory and contractual requirements for each of its information systems, and that this documentation should be kept up-to-date to reflect any relevant changes in the legal environment.
The specific controls and individual responsibilities to meet these requirements should be similarly documented and kept up-to-date, and should be linked to the list of all the data assets and processes in the organization, together with their ownership details.
Foreign legislation may also be applicable to the operations of the organization; in particular, legislation passed in America (such as the Digital Millennium Copyright Act and others, discussed below) may affect the international operations of UK-based organizations or may be the basis on which a US-based organization takes action against a UK-based one. Again, expert legal advice is necessary and the rapid, ongoing development of the law should be tracked on a regular basis.
This Pocket Guide provides initial guidance to all who are concerned with IT regulatory compliance in the UK. There is a separate title that provides guidance on North American IT regulatory compliance.
The outline of relevant legislation in this Pocket Guide is not intended to be authoritative. Current legal advice must be taken from qualified, specialist legal advisers if an organization wants or needs to rely on any matter discussed here. Equally, it should be noted that this Pocket Guide deals with current compliance issues for organizations based or operating in or supplying the UK market: laws are likely to be different in other countries and, therefore, organizations based elsewhere should take specialist local