TechnologyAccounting SoftwareSecurity accreditation on trial

Security accreditation on trial

The government is set to trial an IT security accreditation that it hopes will assure both the private and public sectors that software companies, which sell products such as antivirus software and firewalls, meet quality standards.

Link: Hack attacks and spam set to increase

The accreditation scheme – similar to the familiar kitemark – may allay fears over the increasing amount of spam that clogs email inboxes and malicious attacks against IT systems.

Accountancy Age’s sister publication, Computing, has been calling for such a programme for the past two years as part of its Trust campaign. The Cabinet Office’s central sponsor for information assurance (CSIA) group, which coordinates information security projects across government, will trail the ‘Claims Test Mark’ scheme before the end of the year.

‘What we are trying to replicate is the Ronseal test, where a product does exactly what it says on the tin,’ said Harvey Mattinson, head of accreditation at the CSIA.

The accreditation scheme will primarily be focused on helping government departments, agencies and local authorities select information security products such as anti-virus software, firewalls and disk encryption.

‘The accreditation process will take weeks, rather than months or years,’ CSIA director Dr Stephen Marsh said.

‘With certain products and services, you need to have this kind of pace, as threats can change so rapidly.’ Vendor products submitted for review will be measured for security, integrity and ease of use, with the CSIA hoping to measure against BS and ISO 7799 standards in the future.

The CSIA-led General Information Assurance Products and Services Initiative will run the scheme and hopes it will provide private sector businesses with a way of gauging the quality of the product they are buying.

The CSIA is working with the United Kingdom Accreditation Service and CESG, the GCHQ-run national technical authority for information assurance, to establish a number of independent test centres and assessment criteria.

‘In principle this is a good idea, as it gives people standards they can understand and suppliers something they can strive towards,’ said Beatrice Rogers, head of private sector at IT industry body Intellect. ‘But the government needs to make it clear what accreditation means.’

‘With the ABTA stamp, consumers know if an airline collapses they’re likely to be protected. ‘Likewise, the government needs to make clear what accreditation means for both the client and the vendor adopting it,’ she said.

Just last month, an Ernst & Young survey highlighted concerns about the level of awareness about information security among businesses across the globe.

Nearly three-quarters of the 1,200 organisations questioned failed to list training and raising employee awareness of information security issues a top priority.

One in three respondents that had outsourced their IT operations said that they had not conducted a regular check on their IT providers to monitor compliance with information security policies.

Related Articles

Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

3w Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

5m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

5m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

7m Alia Shoaib, Reporter
The rise of the progressive accountant

Accounting Software The rise of the progressive accountant

8m Emma Smith, Managing Editor
Making Tax Digital: Revolution or revolt?

Accounting Software Making Tax Digital: Revolution or revolt?

8m Emma Smith, Managing Editor
Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

Accounting Software Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

8m Emma Smith, Managing Editor
Four reasons why SME owners should switch to cloud accounting

Accounting Software Four reasons why SME owners should switch to cloud accounting

9m Emma Smith, Managing Editor