Call for evidence outcome

Cyber security organisational standards: call for evidence

From:
Department for Business, Innovation & Skills and Cabinet Office
Published
1 March 2013
Last updated
28 November 2013 鈥� See all updates
This was published under the 2010 to 2015 Conservative and Liberal Democrat coalition government
This call for evidence has closed

Read the full outcome

PDF, 113 KB, 6 pages

Detail of outcome

Businesses said that cyber security standards need to:

  • be internationally-recognised
  • promote international trade
  • allow sytems to exchange and use information
  • be auditable, like those in the

Businesses also said we should balance compliance-based and outcome-based standards, whilst helping companies implement the right parts of a standard in the right parts of their business. This is what the and the offer.

Government will now work with industry to develop a new implementation profile, based on ISO27000-series standards.

皇冠体育app 鈥楿K Cyber Security Standards Research鈥� report provides a clearer overview of cyber security standards, and current and potential uptake.

Original call for evidence

Summary

Seeks evidence to select and endorse an organisational standard that best meets the requirements for effective cyber risk management.

This call for evidence ran from
to

Call for evidence description

皇冠体育app government intends to select and endorse an organisational standard that best meets the requirements for effective cyber risk management. 皇冠体育appre are currently various relevant standards and guidance, which can be confusing for organisations, businesses and companies that want to improve their cyber security. We aim to offer clarity to the private sector, based on the standard that we select and choose to promote.

On 30 April 2013 we published a guidance document and a response form to help organisations and groups prepare their evidence for submitting.

Cyber security strategy and standards

Government published its 鈥�Cyber security strategy鈥� in November 2011. This set out our intentions to encourage industry-led standards and guidance for organisations to manage the risk to their information, and to encourage companies that are good at managing information risk to make this a selling point for their business. This call for evidence, and our subsequent selection of a preferred standard, will help businesses identify what good cyber risk management looks like and select which organisational standard to invest in.

Further information

For further information on particular aspects of this call for evidence, contact us at [email protected].

Documents

Ref: BIS/13/659

PDF, 119 KB, 8 pages

Ref: BIS/13/853

PDF, 172 KB, 14 pages

Updates to this page

Published 1 March 2013
Last updated 28 November 2013 show all updates

  1. Government response published.

  2. We published a guidance document and a response form to help organisations and groups prepare their evidence for submitting.

  3. First published.

Sign up for emails or print this page

Related content