Improving Information Assurance at the Enterprise Level (GPG 28)

Created:  29 Oct 2015
Updated:  08 Aug 2016
CESG Archive

Archive content originally produced by CESG that has not yet been absorbed into the new NCSC web pages.

This guidance shares lessons in driving improvement in IA at the Enterprise level.

This gidance complements the HMG/CESG IA Maturity Model (CIAMM®)and its associated Assessment Framework. In particular, it provides advice to SIROs to meet a fundamental requirement at Level 2 of the CIAMM®; "to have personally made and gained approval for a business case to the Main Board for a targeted programme of work to improve the understanding and control of information risk."

Improving Information Assurance at the Enterprise Level (Good Practice Guide 28)_1.3.pdf

PDF, 1214.58KB

This file may not be suitable for users of assistive technology.

Was this guidance helpful?

We need your feedback to improve this content.

Yes No