Avoiding the £500,000 Fine:Four Steps to Continuous Audit-Readiness for GCSX Code of Connection

The GCSX Code of Connection (CoCo) is an important step in providing a secure infrastructure for public sector business. While most - if not all - local authorities have achieved compliance with the Code of Connection, authorities must still undergo annual audits. Regulations such as PCI DSS, the Data Protection Act and others also impact organisations from an audit perspective. As such, compliance should not be viewed as 'point-in-time', but as a continuous journey which can be used as a catalyst for an improvement in overall organisational compliance, as opposed to simply a 'tick in the box' from an auditor. Without proper visibility of compliance and security practises, an information security breach, data loss or compliance related incident can rapidly turn into an election issue and ultimately cost political posts. Furthermore, as of 6 April 2010, the Information Commission can impose a civil penalty of up to £500,000 for serious breaches on data controllers under the Data Protection Act.

It is vital that organisations understand the difference between compliance and information security. Organisations should be ready for audit 24/7. Watch this webcast to learn about:

• The evolving regulatory climate and compliance enforcement
• The difference between being compliant and being secure
• The four key steps you can take to ensure continuous audit-readiness and improve security
• The capabilities that can help streamline IT risk management processes and enable continuous compliance