Home » GPG 13

Executive Summary

What is GPG13 and how do I get GPG13 compliance? Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles. Essentially, a Protective Monitoring solution will provide visibility and an understanding of who is accessing your organisations sensitive data. Implementation of protective monitoring solutions are recommended in a number of regulatory and industry best practices, such as PCI DSS , Cyber Security and SOX. While... 
 

What are CESG Recording Profiles?

Each of the Protective Monitoring Controls has an obligation to record specific information. The level of audit and accounting requirements will depend on the specific Recording Profile of the data. Within GPG13 there are four Recording Profiles, which roughly map to the to the HMG Information Assurance Standard no.1 Segmentation Model. The Segmentation Model has four hierarchical segments; Aware, Deter, Detect and Resist and Defend. The lowest segmentation level is Aware. At this level the organisation has an obligation to be Aware of public domain... 
 






© 2006-2017 Protective Monitoring – GPG13.