• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

IT Security Policy

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    IT Security Policy

    I am starting out contracting under a Ltd company and I am the only employee. I am filling in a Due Diligence form and they ask if I do not hold ISO27001 Information Security Certification then do I have a documented Information Security Policy, has anyone else had this question and how have they dealt with it? I am providing project management services and I guess as a contractor I will have to use my own laptop.

    #2
    You can review the Cyber Essentials questionnaire and see how much you are aware of/conform to its requirements https://www.cyberaware.gov.uk/cyberessentials
    This might serve as a baseline Information security policy for your business and if needed, you can get your business certified too.
    (sufficient for a small business I think, but not quite ISO27001)

    Comment


      #3
      Thanks very much

      Comment


        #4
        I guess the jobsworth have put you on their portfolio to undergo the 3rd party due diligence assurance which is aligned to ISO27001. Call them up and let them know you are a one man company and not in scope for the process.

        Comment

        Working...
        X