Only a few days to go: We’re raising £25,000 to keep TheyWorkForYou running and make sure people across the UK can hold their elected representatives to account.

Donate to our crowdfunder

Departmental Data Protection

Justice written question – answered on 21st January 2008.

Alert me about debates like this

Photo of Theresa Villiers Theresa Villiers Shadow Secretary of State for Transport

To ask the Secretary of State for Justice what audits his Department and its agencies have carried out in relation to personal data and IT equipment in each of the last 10 years.

Photo of Michael Wills Michael Wills Minister of State, Ministry of Justice, The Minister of State, Ministry of Justice

Our IT suppliers are contractually obliged to maintain the Department's IT systems in accordance with government security standards, and the relevant provisions of the Data Protection Act. Assurance that these security standards are being met is obtained through compliance with the HMG standard for information systems risk management, known as HMG Infosec Standard 2.

The Ministry of Justice and its agencies undertake a formal programme of audits each year as well as carrying out other internal reviews as required. The scope of these audits is dependent on the reason for the audit taking place, or the specific terms of reference for the review. Past audit programmes undertaken by the former Department for Constitutional Affairs have contained a number of audits that have included coverage of systems and procedures incorporating aspects of personal data, including their storage and processing. Audit reports have been issued and action taken where necessary.

Her Majesty's Prison Service (HMPS) is subject to continuous audit, under the oversight of the NAO. The results are considered by the HMPS's audit committee.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.