Summary

It is of note that Sir Richard Wilson (Head of the Home Civil Service) mandated that all Government Departments, Agencies and NGOs should have plans in place to implement BS 7799 by the end of 1999. This was further reinforced by the requirement to have information security present in these organisations conforming to BS 7799 by 2003.

These NGOs are supposed to have information security levels commensurate with ISO 27001 (was BS 7799) in place - in fact the author audited two of them for this purpose.

However, not one of the Regulators above mandates any level of information security with the possible exception of the FSA, the remainder leaving the responsibility to the regulated company

In the extreme, each of these Regulators can fine the firms they regulate or remove their licenses to operate.

An Introduction To Corporate Regulation and Standardization
Summary It is of note that Sir Richard Wilson (Head of the Home Civil Service) mandated that all Government Departments, Agencies and NGOs should have plans in place to implement BS 7799 by the end of 1999. This was further reinforced by the requirement to have information security present in these organisations conforming to BS 7799 by 2003. These NGOs are supposed to have information security levels commensurate with ISO 27001 (was BS 7799) in place - in fact the author audited two of them for this purpose. However, not one of the Regulators above mandates any level of information security with the possible exception of the FSA, the remainder leaving the responsibility to the regulated company In the extreme, each of these Regulators can fine the firms they regulate or remove their licenses to operate.	Practitioner.Com: An Introduction to Corporate Regulation and Standardization
Return To An Introduction to Corporate Regulation and Standardization