Information security

The basic principles of information security are confidentiality, integrity and availability. Every element of the information security programme must be designed to implement one or more of these principles.

Being aligned to an industry standard for information security adds value and can help ensure a good reputation. Cyber Essentials represents the government baseline standard.

Any good information security programme relies on overarching content which ensures the details of a very broad subject are considered fully. Business continuity and disaster recovery are the mechanisms applied to minimise the impact of an outage. Asset management determines how the organisation protects objects of value and sensitive content from either theft, unauthorised access, or damage. Data retention focuses on how sensitive information is controlled throughout its lifecycle.

The physical site of the organisation can contain sensitive and valuable assets which need protecting. Discouraging theft and unauthorised access is a foundation of good information security. Acceptable use considers how employees use technology and information, providing guidance on the use of assets and information.

Having contractual agreements is good practice and a necessity when dealing with any volume of customer information. Regular vulnerability scanning, is also a worthwhile endeavour to protect the business.

Help & Support

Vizion standard's knowledge net for help, support and best practices

Add additional user

Add additional colleagues to support you and your bodyshop

Templates

Selection of templates to help with your compliance