A separate security review by Sopra has been commissioned by the programme to ensure that it has addressed all the security risks associated with the national infrastructure, and that there are countermeasures in place to combat those risks. The outputs from this exercise will be reviewed by Carol Peters of East Renfrewshire Council, who has joined the Customer First team on a part-time basis to review and update the current security policies and procedures for the national infrastructure. She will then work with councils to ensure that the security procedures provide the necessary assurances for councils.
Thirdly, a wider set of security policies and procedures to ensure compliance with BS7799 is to be put in place. This will establish the appropriate ‘checks and balances' for the future management, monitoring and review of security procedures.
These data and information management security reviews are being carried out in addition to the environmental and technical countermeasures which are already contained within the national infrastructure and the procedures already in place within the data processing centres at the lead council.
In the long term, the outputs from the national infrastructure programme will be assessed as a standard set of information security policies, procedures and documents that could be adopted by all councils. Providing there is council support, the Customer First team will be looking at how these policies and procedures could be maintained as part of a ‘standard security toolkit' for councils.
Further information
For more information on the national infrastructure programme, please contact nationalinfrastructure@improvementservice.org.uk
