Skip to additional navigation Skip to content

Response 1817141

Response to request for information

Reference

1817141

Response date

2 August 2023

Request

  1. Does your organisation use any applications or software to record Record of Processing Activity (ROPA)?

    If so, please state the product name(s) and version number(s) (if known)

  2. Does your organisation use any applications or software to support preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?

    If so, please state the product name(s) and version numbers(s) (if known)

  3. Does your organisation use any applications or software associated with data breach management?

  4. Does your organisation use any applications or software associated with Freedom of Information management?

    If so, please state the product name(s) and version numbers(s) (if known)

  5. Does your organisation use any applications or software for Policy Management?

    If so, please state the product name(s) and version numbers(s) (if known)

  6. Does your organisation use any eLearning for Data Protection and Security Awareness?

    If so, please state the product name(s) and version numbers(s) (if known)

  7. Has your organisation reviewed / explored the market regarding the provision of technology which supports the delivery of Information Governance functions?

    If yes - please specify what actions have been taken?
    If no - does your organisation have any plans to review / explore this market in the next 3 years?

  8. Has your organisation allocated budget / financial resources regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

    If yes - please specify what actions have been taken?
    If no - does your organisation have any plans to allocate budget / financial resources in the next 3 years?

  9. Has your organisation developed a business case (outline or otherwise) regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

    If yes - please specify what actions have been taken?
    If no - does your organisation have any plans to develop a business case in the next 3 years?

  10. Will there be any opportunities to engage with your organisation regarding the commissioning / procurement of technology which supports the delivery of Information Governance function in the next three years?

Response

  1. Does your organisation use any applications or software to record Record of Processing Activity (ROPA)?

If so, please state the product name(s) and version numbers(s) (if known)

Office365 - Excel Spreadsheet

 

  1. Does your organisation use any applications or software to support preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?

If so, please state the product name(s) and version numbers(s) (if known)

The Council is not ISO 27001 compliant

 

  1. Does your organisation use any applications or software associated with data breach management?

Office365 – Excel Spreadsheet

Office365 – Word Document

 

  1. Does your organisation use any applications or software associated with Freedom of Information management?

If so, please state the product name(s) and version numbers(s) (if known)

ESB Platform 21.10

 

  1. Does your organisation use any applications or software for Policy Management?

If so, please state the product name(s) and version numbers(s) (if known)

All Council policies are produced using Microsoft Word, then saved as PDF and published on the Councils internal Intranet.

 

  1. Does your organisation use any eLearning for Data Protection and Security Awareness?

If so, please state the product name(s) and version numbers(s) (if known)

Yes we use Learning Pool GDPR 1 – What is GDPR, GDPR 2 – Data Handling rules, GDPR 3 – Data Breaches, version numbers unknown

 

  1. Has your organisation reviewed / explored the market regarding the provision of technology which supports the delivery of Information Governance functions?

If yes - please specify what actions have been taken?

The Council are migrating to Microsoft Teams and SharePoint to take advantage of Retention labelling/policies to ensure data is only retained for the duration necessary.

 

  1. Has your organisation allocated budget / financial resources regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

If no - does your organisation have any plans to allocate budget / financial resources in the next 3 years?

No, there is no dedicated budget for Information Management and Governance, nor plans in the future to provision budget.

 

  1. Has your organisation developed a business case (outline or otherwise) regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?

If yes - please specify what actions have been taken?

ICT Services have leveraged the licensing benefits from Microsoft to utilise Microsoft 365 for the management of unstructured data.

 

  1. Will there be any opportunities to engage with your organisation regarding the commissioning / procurement of technology which supports the delivery of Information Governance function in the next three years?

Business Systems used by the Council such as Document Management Systems all tend to have their own information management and governance features around retention and searching abilities etc. Unstructured data is a challenge to maintain, hence the move to utilising Microsoft 365 as describe above.