I have been surfing the internet for hours about BS7858 (Employee Vetting) and BS8470 (Secure Information Destruction).There is plenty of information about generic descriptions of the standards – in other words what they are trying to achieve in terms of security and data destruction and the business case for them.There is no sign of a free copy of the standard itself or any information on what practically one has to do to comply in terms of procedures for computer disposal or WEEE recycling etc.
There are plenty of sites which feature quotes from the standards – it sounds like legalese – but there are no views of standard as a whole.
There is also little evidence of a central point of contact or a trade association within the UK.Several trails have taken me to the British Security Industry Association which has a broad remit covering anything from night club bouncers through to burglar alarm installers.There is an Information Destruction section and at first this seems like a good potential source of information.On closer investigation, this is much more for established data destruction businesses. I appreciate and understand the BSIA’s reasons for this – but it doesn’t serve me right now.
Based on diary entries