Definition

Information Assurance Standard 6 (IAS 6)

TechTarget Contributor

By

TechTarget Contributor

The Information Assurance Standard 6 (IAS 6) is legislation enacted by the British government in May 2009 as part of its Security Policy Framework (SPF). SPF is a response to government data breaches uncovered in the government's Data Handling Review.

IAS 6 requires all government agencies to submit reports of compliance to the U.K. Cabinet Office to prove that the methods they use to process and store sensitive personal information are secure. The original reporting deadline was 15 June, 2009.

IAS 6 is supported by Good Practice Guide 15, which is published by the U.K. Cabinet Office and the Communications-Electronics Security Group (CESG). CESG gives a more prescriptive explanation of not only the data that must be collected for the report, but also how to collect it.

This was last updated in October 2010

SearchCompliance

compliance risk
Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting ...
information governance
Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...
enterprise document management (EDM)
Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

SearchSecurity

IPsec (Internet Protocol Security)
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any ...
principle of least privilege (POLP)
The principle of least privilege (POLP) is a concept in computer security that limits users' access rights to only what are ...
biometric authentication
Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they...

SearchHealthIT

protected health information (PHI) or personal health information
Protected health information (PHI), also referred to as personal health information, is the demographic information, medical ...
digital health (digital healthcare)
Digital health, or digital healthcare, is a broad, multidisciplinary concept that includes concepts from an intersection between ...
HIPAA (Health Insurance Portability and Accountability Act)
HIPAA (Health Insurance Portability and Accountability Act) is United States legislation that provides data privacy and security ...

SearchDisasterRecovery

risk mitigation
Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.
call tree
A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...
Disaster Recovery as a Service (DRaaS)
Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

cloud storage
Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...
cloud testing
Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...
storage virtualization
Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close