Protective Monitoring
An Introduction to GPG 13

First published: May 2010

by Jon Collins and Martin Atherton

MAIN POINTS

CESG (Communications and Electronic Security Group) Good Practice Guide 13 (GPG 13) is increasingly being mandated for organisations involved in UK government business, including government departments, public organisations and indeed service providers and outsourcing companies.

The guide boils down to some pretty straightforward advice, namely: “how to protect against anything untoward happening on, or to your computer systems." Who or what are we protecting against? The answer is both the people who access and misuse things they shouldn’t, as well as the systems they access.

The starting point and motivation for this document is that many organisations may need to get up to speed on GPG 13 because their governing bodies have requested it, or because it has become a pre-requisite for doing business.

This document discusses the impact of GPG 13, what doing it properly enables, and offers guidance on how to treat it as part of the bigger picture of sustainable IT change, risk mitigation and business efficiency.

This paper was compiled and written on an independent basis by Freeform Dynamics, based on multiple studies during 2009-2010, within the framework of its community research programme and sponsored by Tier 3.

This report is free of charge. Click the link above to download the report in PDF format.

If you experience any problems during this process please contact us at;
info@freeformdynamics.com or call +44 (0)1425 626501 / 620008

Back to list | Print