The Data Protection Act requires that appropriate security measures are in place to safeguard against unauthorised or unlawful access/processing of personal data. To help you put the basics in place we have therefore identifed several topics which are often considered pre-requisites to sound information security:

Security Policies are fundamental to your security. Our page on the topic identifies a leading specialist portal.

Disaster Recovery Planning is often overlooked, but is undoubtedly a critical activity.

For general security audit/review checklists, to help you establish how secure you actually are, The Security Audit Shop provides for a range of areas.

Finally, for a risk based approach to security, risk analysis is a technique to match the level of control with the likelihood of the threat and the nature of the impact.