Security Policy Requirements. The Recipient shall comply with the requirements for the protection of the various classifications of information set out in the following documents: IPPR01-TAC09 - “Information Security Responsibilities for Contractors Handling ‘OFFICIAL’ Information outside NDA Premises” IPPR01-TAC10 - "Cyber Essentials in the NDA" IPPR01-TAC11 - "Contractors working in non-NDA locations" SCP03 - "Information Security Policy" SCP04 - "Clear Desk Policy" SCP07 - "Business Travel and Working With NDA Issued Equipment in Overseas Locations" SCP08 – “Mobile and Remote Working Policy” Further information on security markings is available from: xxxxx://xxx.xxx.xx/government/publications/government-security-classifications Legal Requirements The Recipient must comply with their legal obligations, including those defined in: The Data Protection Act 2018 (alongside EU GDPR) Computer Misuse Act 1990
Security Policy Requirements. Contractor shall address, in policy, the following security related areas:
