Skip to additional navigation Skip to content

Response A1346375

Response to request for information

Reference

A1346375

Response date

4 February 2022

Request

Can you also supply me a copy of the following policies :

  • IT Disaster Recovery Plan (e.g. DR plan, backup)
  • IT Incident Response Plan (e.g. Cyber Attack, DDOS, Ransomware)
  • Clean desk policy
  • Access control policy (Access to business applications or network resources)

Please details

  • Current measures in place to protect confidential information
  • How you monitor staff access to business applications in your Council and ensure staff have a right of access
  • How you implement and carry out checks to ensure staff are adhering to your clean desk policy
  • Please forward any communications to staff regarding your Clean Desk policy

Response

Can you also supply me a copy of the following policies :

  • IT Disaster Recovery Plan (e.g. DR plan, backup)
    • I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
  • IT Incident Response Plan (e.g. Cyber Attack, DDOS, Ransomware)
    • I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
  • Clean desk policy
    • The Council does not have a formal policy, but does encourage a Clean Desk Policy in the workplace due to hot-desking in place at most of the Councils sites.
  • Access control policy (Access to business applications or network resources)

Please details

  • Current measures in place to protect confidential information
    • I am unable to release the information requested as the information is exempt from disclosure by virtue of section 31 of the Freedom of Information Act 2000. Section 31(1)(a) states that the information is exempt if its' disclosure would be likely to prejudice the prevention or detection of crime. The Council considers the public interest in protecting the security of its' IT network exceeds the public interest in disclosing the information requested.
  • How you monitor staff access to business applications in your Council and ensure staff have a right of access
    • Line Managers have to authorise access to application and resources when new starters join.
  • How you implement and carry out checks to ensure staff are adhering to your clean desk policy
    • Not applicable
  • Please forward any communications to staff regarding your Clean Desk policy
    • This is encouraged by Line Management, and for them to keep an eye on their areas to ensure staff are keeping to a clean desk principle.