DISCLAIMER:
This duty is currently under review and has not yet been formally signed off by the relevant professional association. The information provided is for reference only and should not be treated as final or authoritative guidance. Please verify any decisions against approved sources or seek professional advice. Updates will be published once sign-off is complete.
Simple terms explainer:
Councils have a responsibility to keep their ICT systems secure and meet national cyber resilience standards. This means they must protect networks, data, and digital services against cyber threats by using strong security measures like firewalls, encryption, and regular updates. Councils also need to follow frameworks such as the Scottish Public Sector Cyber Resilience Framework, carry out risk assessments, train staff on cyber security, and have clear plans for responding to incidents.
Legal status
Statutory
Duty category
Corporate services
Duty type
Compliance
Social determinant of health
Social and community context
Emerging policy and legislation
0
Bodies with shared interest
CyberScotland Partnership
Audit Scotland
Chartered Institute of Information Security
Society of Local Authority Lawyers and Administrators in Scotland (SOLAR)
Standards and frameworks
2