The Police Digital Service (PDS) has achieved accreditation against the ISO 27001 international standard on information security management.
It said it adopted the standard to govern its information and cyber security due to its strong pedigree and operational effectiveness.
A key requirement of the standard is to maintain continuous improvement in information security management.
To this end PDS recently completed its first annual surveillance audit and is committed to maintaining a secure framework of controls embracing both people and technology. This involves defining, maintaining and delivering a programme of improvements supported by suppliers and partners.
Positives noted
The accreditation notes a number of positives, including that management of the effort is well maintained with suitable leadership and operational procedures, that risks are well understood and managed, and suitable people controls such as training, pre-employment vetting and an acceptable use policy are in place.
In addition, the NEP Secure Design Blueprint is used in configuring cloud services.
PDS said it will now display the BSI Mark of Trust and that its commitment to information security includes its ‘risk and security’ enabler in achieving its priorities.