Best Practice Update


Product Focus on Checklists: Information and Cyber Security

All of our customers have access to the DPE Knowledge Bank, which has a Best Practice Checklist area. Each checklist is designed to help you walk through all aspects of data protection.

Did you know we have a series of checklists just for schools? The checklists will give you an insight into where your organisation is with data protection from a data privacy and technical security perspective. The checklists form part of the Best Practice library, which includes contextualised guidance, documents and resources on specific areas of data processing. The checklists form part of the ICO Accountability Framework, which helps organisations with their governance and corporate risk management where it relates to data protection. The checklists cover all aspects of the framework, enabling you to assess against organisation baselines:

  1. Leadership & Oversight
  2. Risk Management (DPIAs)
  3. Policies & Procedures
  4. Individual Rights
  5. Contracts & Data Sharing
  6. Transparency
  7. Training & Awareness
  8. Records Management
  9. Monitoring Verification & Reporting (Data Breaches, SARs and FOIs)
  10. Response & Enforcement (SARs and FOIs)

Information/Cyber Security

The Information and Cyber Security checklist provides a very high-level cyber security check covering:
  1. Governance and Policies
  2. IT Checks
  3. Physical Checks
It asks a series of questions at all levels of the organisation, from strategy to detailed operations such as asset tagging equipment.

We can also provide more detailed checklists to help you work towards Cyber Essentials and what is required for the DfE Digital Standards for Schools and Colleges if you are a school, trust or federation.

Answer a sample information/cyber security question:

Have staff completed cyber security training?



Amazing, you have ticked off an important item on the Information and Cyber Security checklist.  Staff should have cyber security training annually if they have access to the network.  This should also include training and awareness about passwords, data breaches and information security.

For further help and guidance and access to the full checklist, please contact us.




As a controller, you are responsible for keeping any personal data you have collected safe. Raising cyber security awareness is part of keeping personal data and systems safe. The DfE Digital Standards for Schools and Colleges advises that all staff who have access to the network should have annual training. This should include a designated governor. The NCSC provides free School Staff Training. Further free training is highlighted in this article: Free Cyber Training for Staff

Harry the Hacker loves to take data that isn't protected!

 

Please contact us for more help and advice about data protection compliance and cyber security standards, including the full checklist and best practice.

 


Try asking the data protection lead in your organisation or the SLT digital lead, or contact your DPO.

We can provide help and guidance with data protection compliance, cyber security standards and records management, including the full checklist and best practice.



DPE customers can get started on completing the Information/cyber security checklist here:

