Detailed cyber security information and advice across 10 critical technical and procedural areas.
The actions and measures detailed in each of these advice sheets collectively represents a good foundation for effective information risk management. The degree of implementation of each step will vary between organisations depending upon the risks to their individual business. However, GCHQ’s recommendation is that Boards should require their CIO and CISO to be able to articulate why a particular measure is not applicable.
This document is part of the 10 steps to cyber security document set.