Response A1346375
Response to request for information
Reference
A1346375
Response date
4 February 2022
Request
Can you also supply me a copy of the following policies :
- IT Disaster Recovery Plan (e.g. DR plan, backup)
- IT Incident Response Plan (e.g. Cyber Attack, DDOS, Ransomware)
- Clean desk policy
- Access control policy (Access to business applications or network resources)
Please details
- Current measures in place to protect confidential information
- How you monitor staff access to business applications in your Council and ensure staff have a right of access
- How you implement and carry out checks to ensure staff are adhering to your clean desk policy
- Please forward any communications to staff regarding your Clean Desk policy
Response
Can you also supply me a copy of the following policies :
- IT Disaster Recovery Plan (e.g. DR plan, backup)
- I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
- IT Incident Response Plan (e.g. Cyber Attack, DDOS, Ransomware)
- I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
- Clean desk policy
- The Council does not have a formal policy, but does encourage a Clean Desk Policy in the workplace due to hot-desking in place at most of the Councils sites.
- Access control policy (Access to business applications or network resources)
- See information in theĀ User Access Policy.
Please details
- Current measures in place to protect confidential information
- I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
- How you monitor staff access to business applications in your Council and ensure staff have a right of access
- Line Managers have to authorise access to application and resources when new starters join.
- How you implement and carry out checks to ensure staff are adhering to your clean desk policy
- Not applicable
- Please forward any communications to staff regarding your Clean Desk policy
- This is encouraged by Line Management, and for them to keep an eye on their areas to ensure staff are keeping to a clean desk principle.