What are the Penalties for Non-Compliance? Service providers with access to government data should also comply with the requirements. While the regulatory guidelines of GPG 13 were mainly designed for Her Majesty’s Government (HMG) departments and agencies, service providers can also find themselves needing to comply. GPG 13 outlines that it is the responsibility of agencies and departments to make sure that they have the necessary protection in place that matches their risk profile. HMG agencies are expected to have the necessary tools to maintain IT systems and have the means to detect when a device has been compromised. Transparency is a fundamental principle of GPG 13.
GPG SUITE GUIDE HOW TO
The 12 protective monitoring controls provide government agencies with practical guidance on how to maintain the integrity of their internal systems. Essentially, these controls tell agencies how to monitor internal systems to manage risk factors.įor example, using infrastructure monitoring or traffic analysis to detect if a cyber attacker is attempting to join the network. Protective monitoring controls include practical measures such as event log management to intrusion detection systems and network monitoring. The guide is part of the UK Cabinet Office’s Security Policy Framework to govern the management systems with access to UK government data. GPG 13 is a protection monitoring framework that dictates Protective Monitoring Controls that Her Majesty’s Government (HMG) departments and agencies must follow to manage risks to their systems. Under GPG 13, UK government organizations have a responsibility to use monitoring, logging, and other security measures to protect sensitive data. Good Practice Guide 13 or GPG 13 is a list of measures that outline how UK government data must be protected.
0 kommentar(er)
