When people finished work on Friday 5th August 2011 they probably didn’t consider that a weekend of riots and unrest was about to hit the Tottenham area, London. However, businesses who correctly implemented an ISO 27001 Information Security Management System…
In some industries we find interesting British Standards and Guidelines that complement and enhance the more recognisable ISO standards. The security shredding industry has two such standards that are commonly implemented by the market leaders. BS 7858 Security Screening of…
The Bribery Act makes it illegal to receive bribes and fail to prevent bribery, creating offences carrying 10 year prison terms and unlimited fines. The act applies to both UK and foreign companies who have operations in the UK, as…
The WEEE Regulations are intended to reduce the amount of waste electronic and electrical equipment (EEE) being sent to landfill by reusing and recycling. The regulations put certain requirements on those producing, distributing and using electronic equipment. Waste Categories There…
NOTE: In 2018 the UK’s Data Protection Act was revised to reflect GDPR Requirements. The below information may have been updated. The 1998 Data Protection Act sets out the legal obligation of those who handle personal data. In Schedule 1,…
Although this is a United States federal law, UK and european companies trading with American entities should be aware of the requirements, as they may impact compliance with the Act. The law was driven by corporate and accounting scandals, causing…
Power Usage Effectiveness (PUE) and Data Centre Infrastructure Efficiency are measures of the energy efficiency of a data centre. Although they are essentially the same, they are used to illustrate efficiency differently. They compare the amount of energy used to…
An Information Security Management System (ISMS) that meets the requirements of ISO 27001, can also help an organisation comply with other industry-specific standards. For example, the Gambling Commission, which regulates commercial gambling in the UK, requires ‘gambling software and remote…
Having implemented ISO 27001 Information Security Management Systems, and spoken to others who have, there is a group of controls from Annex A that seems to be regularly excluded. A10.9 Electronic Commerce Services, has the objective “To ensure the security…
