Given that the Commissioner has in the past indicated that BS7799 would be
regarded as the benchmark for adequate security in terms of Principle 7, I
would suggest that you start there.
The standard is in two parts - BS7799-1 / ISO17799 is the Code of Practice
and is probably the most relevant for what you want; BS7799-2 is the actual
auditable standard and isn't really relevant, unless your organisation
wishes to pursue certification.
Stuart
-----Original Message-----
From: Paul Dodgson [mailto:[log in to unmask]]
Sent: 10 June 2004 09:53
To: [log in to unmask]
Subject: Physical Record Security
I have been asked to look at physical record security pertinent to the 7th
Protocol, anyone seen any Information Commissioner guidance on this?
Thanks
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^