Home
Topics
Compliance and Risk Management
Compliance Regulation and Standard Requirements
Information Assurance Standard 6 (IAS 6)

Definition

Information Assurance Standard 6 (IAS 6)

The Information Assurance Standard 6 (IAS 6) is legislation enacted by the British government in May 2009 as part of its Security Policy Framework (SPF). SPF is a response to government data breaches uncovered in the government's Data Handling Review.

IAS 6 requires all government agencies to submit reports of compliance to the U.K. Cabinet Office to prove that the methods they use to process and store sensitive personal information are secure. The original reporting deadline was 15 June, 2009.

IAS 6 is supported by Good Practice Guide 15, which is published by the U.K. Cabinet Office and the Communications-Electronics Security Group (CESG). CESG gives a more prescriptive explanation of not only the data that must be collected for the report, but also how to collect it.

Related glossary terms: IFRS (International Financial Reporting Standards), National Health Service (NHS), Code of Connection (CoCo), EU Data Protection Directive (Directive 95/46/EC), Privacy and Electronic Communications Regulations (PECR), Financial Services Authority (FSA), Good Practice Guide 13, Basel II, British Standards Institution (BSI), UK Government Connect Secure Extranet (GCSX)

This was last updated in October 2010

Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSecurity.co.uk-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

PCI survey finds more compliance spending planned to meet guidelines

A survey of 500 security professionals found that, although the compliance initiatives are burdensome, they are improving security at most organisations.
NuBridges update enables simultaneous data center tokenisation

NuBridges Inc. has released an updated version of its enterprise tokenisation product, seeking to eliminate a key pain point for large companies implementing tokenisation.
PCI tokenization guidance could benefit payment processors

Framework could help merchants decide how to invest in new card data encryption and tokenization technologies being offered by payment processors.

Articles

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

Networking UK
Virtual Data Centre
Data Management UK
Security
Cloud Security
Security IN

Networking UK
- O2 signs UK deal for mobile management offering: SNUK news in brief
  
  SearchNetworkingUK Briefs provides a summary of the week’s new product, services and appointment announcements. This week includes mobile management and much more.
- FCoE or iSCSI? Doesn’t matter! It’s about the Ethernet
  
  Some question the path to network convergence - is it through FCoE or iSCSI? Either way, preparing the existing infrastructure will be key to a healthy network environment.
- Is cloud computing bad for your networking career?
  
  Many network managers may have an emotional resistance to cloud computing, but experts explain the economic benefits and positive career impact outsourcing data centre resources can have.
Virtual Data Centre
- Download IT in Europe: August 2012
  
  This month's IT in Europe examines the views of the experts on the new EU framework, and assess what it means for European IT managers.
- Download Technology Priorities for 2012
  
  Download Technology Priorities for 2012
- Download IT in Europe: June 2012
  
  This month's IT in Europe examines how you can prepare for the new EU data regulations.
DataManagement UK
- Big data roundtable webcast: gaining value from big data
  
  Roundtable discussion on business value of big data, chaired by Brian McKenna, Editor, SearchDataManagementUK, and featuring Mike Ferguson, Roxane Edjlali (Gartner), Joshua LeCure (GlaxoSmithKline).
- 2012 training courses: BI, data management, data warehousing
  
  Find out where to hone your business intelligence, data management and data warehouse skills with this list of training courses for 2012.
- Poor data quality: what is dirty data costing UK organisations?
  
  Poor data quality can have serious financial consequences for businesses. Read about the current state of data quality management at UK companies, including dirty data problems.
Security
- Case study: CDI launches aviation company DLP program on short runway
  
  Technology services company CDI-Aerospace used a Verdasys DLP solution to manage third-party risk for a major aviation client.
- IT certification guide: Vendor-specific information security certifications
  
  Experts Ed Tittel and Mary Lemons provide a 2013 overview of vendor-specific information security certifications available.
- Introduction: Vendor-neutral security certifications for your career path
  
  Ed Tittel and Mary Lemons offer the definitive primer for vendor-neutral security certifications in 2013.
Cloud Security
- AWS FedRAMP certification fast-tracks Amazon cloud for U.S. government
  
  AWS becomes the biggest cloud provider to earn FedRAMP certification, easing the transition to AWS for U.S. government agencies.
- For cloud backup and disaster recovery, bandwidth proves problematic
  
  When it comes to cloud backup and disaster recovery, organizations are holding back due to insufficient bandwidth and lengthy recovery times.
- Can self-managed cloud security controls ease enterprise concerns?
  
  Expert Dave Shackleford details how enterprises can increasingly manage their own cloud security controls with private virtual cloud offerings.
Information Security
- BYOD: Securing the risk to access the cost benefits
  
  Bring-your-own-device schemes offer businesses the opportunity to cut the costs and improve user experiences, but benefits can be dwarfed by the risks.
- A CIO's five-point plan for managing endpoint security
  
  Niel Nickolaisen offers a five-point solution for managing endpoint security for the hyper-connected enterprise -- starting with data governance.
- Microsoft offers 'fix' for latest Internet Explorer zero day
  
  Microsoft released a temporary fix to mitigate attacks using the most recent Internet Explorer 8 zero day vulnerability.

All Rights Reserved,Copyright 2008 - 2013, TechTarget