IT Regulatory Compliance in the UK
By Alan Calder
About this ebook
This pocket guide provides you with a concise and accessible guide to the relevant UK legislation, including the Data Protection Act 1998, the Freedom of Information Act 2000 and the Regulation of Investigatory Powers Act 2000. It explains the importance of keeping and preserving records, and outlines the type of records your organisation is obliged to retain. IT compliance represents a key challenge for information professionals.
Alan Calder
Alan Calder is a leading author on IT governance and information security issues. He is the CEO of GRC International Group plc, the AIM-listed company that owns IT Governance Ltd. Alan is an acknowledged international cyber security guru. He has been involved in the development of a wide range of information security management training courses that have been accredited by the International Board for IT Governance Qualifications (IBITGQ). He is a frequent media commentator on information security and IT governance issues, and has contributed articles and expert comment to a wide range of trade, national and online news outlets.
Book preview
CHAPTER 1: INTRODUCTION
A key challenge for all IT management teams is to ensure that the organization avoids breaches of any criminal or civil law, as well as any statutory, regulatory or contractual obligations, and of any security requirements.
Control A.15.1.1 of ISO/IEC 27001:2005 provides guidance that is relevant to the IT governance of every organization. It says that the organization should explicitly define and document the statutory, regulatory and contractual requirements for each of its information systems, and that this documentation should be kept up-to-date to reflect any relevant changes in the legal environment.
The specific controls and individual responsibilities to meet these requirements should be similarly documented and kept up-to-date, and should be linked to the list of all the data assets and processes in the organization, together with their ownership details.
Foreign legislation may also be applicable to the operations of the organization; in particular, legislation passed in America (such as the Digital Millennium Copyright Act and others, discussed below) may affect the international operations of UK-based organizations or may be the basis on which a US-based organization takes action against a UK-based one. Again, expert legal advice is necessary and the rapid, ongoing development of the law should be tracked on a regular basis.
This Pocket Guide provides initial guidance to all who are concerned with IT regulatory compliance in the UK. There is a separate title that provides guidance on North American IT regulatory compliance.
The outline of relevant legislation in this Pocket Guide is not intended to be authoritative. Current legal advice must be taken from qualified, specialist legal advisers if an organization wants or needs to rely on any matter discussed here. Equally, it should be noted that this Pocket Guide deals with current compliance issues for organizations based or operating in or supplying the UK market: laws are likely to be different in other countries and, therefore, organizations based elsewhere should take specialist local