1. Latest News
  2. Submit Press Release
  1. PR Home
  2. Latest News
  3. Feeds
  4. Alerts
  5. Submit Free Press Release
  6. Journalist Account
  7. PRNewswire Distribution

HMG Unprepared for Government Security Classifications Policy (GSCP) warns Auriga

GSCP Transition Service fills void left by lack of industry guidance

PRLog - Jan. 20, 2014 - CENTRAL LONDON, U.K. -- Auriga Consulting Ltd (Auriga), the expert data, ICT and security consultancy, today warned that many of Her Majesty’s Government (HMG) departments, agencies and associated suppliers are unprepared for the Government Security Classifications Policy (GSCP) due to come into force in April 2014. The GSCP requires newly created or amended data to be categorised under three new tiers in a bid to simplify data classification and protection. A number of CESG Information Assurance Notices (CIAN) and CESG Information Assurance Top Tips (CIATT) which were due to be issued to help with implementation, as well as revisions to Baseline Security Objectives (BSO), have yet to emerge. Auriga has developed the GSCP Transition Service to provide practical advice on how to navigate the transition, a process which is liable to be far more complex than many anticipate, as it will encompass adjustments to data storage and risk management.

The GSCP is part of the Civil Service Reform Plan and was devised to reduce the complexity and costs of sharing and protecting data. The current Government Protective Marking System (GPMS) will be superseded by GSCP, with the six tiers of TOP SECRET, SECRET, CONFIDENTIAL, RESTRICTED, PROTECT and UNCLASSIFIED due to be replaced by TOP SECRET, SECRET and OFFICIAL. Government Departments and Agencies are obliged to apply the policy and ensure that consistent controls are implemented throughout their public sector delivery partners (i.e. NDPBs and Arms Length Bodies) and wider supply chain and users are personally accountable for safeguarding marked assets in line with the policy.

GSCP will streamline the classification process with up to eighty percent of data expected to be classified under the lowest OFFICIAL tier. There is also no requirement to mark routine OFFICIAL data. Legacy data can continue to stored and classified under the previous GPMS system unless it is amended or incorporated into another data set. HMG departments, agencies and their suppliers must therefore accommodate both the new and legacy marking systems and seek to develop any risk management processes that were reliant upon the classification system to assign risk.

“Data classification is just the tip of the iceberg; we must address the management processes that lurk beneath the waterline. HMG departments, agencies and suppliers will need to ensure data management is robust enough to accommodate both classification systems for some time to come and that means unpicking mistakes. Regrettably many have been ill advised in the past and have relied upon prescribed Impact Levels to determine information assessments. Consequently, what should have been a relatively simple transition to a new scheme can become a complete overhaul of the data management process,” cautions Louise T. Dunne, Managing Director, Auriga. “Recognising the need for guidance we have developed the GSCP Transition Service (http://www.aurigaconsulting.com/gpms-gscp.php) which enables public and private sector organisations to address baseline procedures and accommodate changes in classification once and for all, helping to resolve and overcome a legacy of data management issues and embed scalability.”

Auriga is one of the first to market with a dedicated solution and has developed the GSCP Transition Service to assist Government Departments, Agencies and their suppliers as they seek to adjust to and implement the new classification system. The GSCP Transition Service is a risk management package that fulfils current and future requirements by using data life cycle management to manage data assets. Offered as a modular service, the GSCP Transition Service can be implemented end-to-end or used to augment existing data lifecycle processes and is delivered by a team of CLAS and CESG Certified Professional (CCP) consultants, Business Analysts and Technical Architects with risk management expertise and is available on the G-Cloud Cloudstore.

About Auriga

Auriga Consulting Ltd (Auriga) is an expert consultancy specialising in Data Management, Information Assurance, Corporate Governance, Business Process Modelling, Analysis, ICT and Security. We advocate data as the most valuable part of your business and combine superior security and assurance knowledge with a wealth of business management consultancy and efficiency skills. Using a unique set of methodologies we embed security by overlaying it onto business process and analysing data.

Auriga reported a turnover of more than £1million in its first full year of trading, cementing its reputation as one of the most dynamic and versatile solutions providers in the marketplace today. We have worked on some of the most demanding projects in the UK for customers from the public and private sectors, advising upon the architectures and business processes adopted for the G-Cloud project, NHS and social services databases, and leading the BSi’s largest audited UK organisation successfully through ISO 27001. To find out more, please go to www.aurigaconsulting.com or follow us on Twitter @AurigaConsult.

Sarah Bark

--- End ---

Click to Share

Contact Email:
***@aurigaconsulting.com Email Verified
Location:Central London - London - United Kingdom
Tags:government, HMG, GSCP, data classification, CESG
Verified Account Email Address
Verified Account Phone Number

Disclaimer:   Issuers of the press releases are solely responsible for the content of their press releases. PRLog can't be held liable for the content posted by others.   Report Abuse

Latest Press Releases By “


Trending News...

  1. SiteMap
  2. Privacy Policy
  3. Terms of Service
  4. Copyright Notice
  5. About
  6. Advertise
Like PRLog?
Click to Share