I'm pleased to report that our secure research data environment (epiLab-SS) has recently been successfully audited to the ISO-27001 Information Security standard. Pending final technical review by the auditors (LRQA), the certificate and accompanying registration should be issued within 4-6 weeks. We believe that the epiLab-SS service is unique for a UK University as it demonstrated the successful implementation of end-to-end ISO-27001 certification of a research data management service, leveraging the UK government's G-Cloud<http://gcloud.civilservice.gov.uk/> ISO-27001 services (at AIMES Grid Services CIC Ltd) in combination with local thin-client desktop services (at UCL).
A central component of the design of the UCL information security management system (ISMS) has been the use of Data Management Plans<http://www.dcc.ac.uk/resources/data-management-plans> (with an adapted MRC template<http://www.mrc.ac.uk/Ourresearch/Ethicsresearchguidance/datasharing/DMPs/index.htm>) in support of the asset & risk management process, as proposed by our JISC-funded DMP-SS project. This is an extension of our earlier TSB-funded Shared-Services Health Applications and Resources Environment (SHARE) project. More details of DMP-SS and SHARE can be found at: DMP-SS Website: http://www.ucl.ac.uk/ich/research-ich/mrc-cech/data/projects/dmp_ss DMP-SS Blog: http://blogs.ucl.ac.uk/dmp-ss/ SHARE website: http://www.share-project.org.uk/ Kind regards, Tito ________________________________ Dr Tito Castillo Chief Information Scientist, MRC Centre of Epidemiology for Child Health Chief Information Officer, Life Study UCL Institute of Child Health 30 Guilford Street London WC1N 1EH Tel: +44 20 7905 2146 Email: [email protected]<mailto:[email protected]> ________________________________________
