Information Security (InfoSec) has probably one of the widest scopes in any organisation. It touches every department, every employee and nearly every technology, process and procedure. There are technical, business and legal risks to consider. InfoSec is about letting the right people in, and selecting the correct controls to ensure our infrastructure and its data remain safe and sound. Everything comes under 3 main headings; Confidentiality, Integrity, Availability.
Everything that the InfoSec function enforces is in the Trust Information Security Policy. It is the top level policy that the Trust Board has signed off. It contains security best practice, and is there to mitigate legal risks also. Everyone has the responsibility to read and adhere to it.
Just some of the services that are provided through Information Security in both technical and non-technical functions include:
© 2011 NHS Hampshire IT Solutions