Departmental Data Protection

Defence written question – answered on 12th January 2009.

Alert me about debates like this

Photo of Shailesh Vara Shailesh Vara Shadow Deputy Leader of the House of Commons

To ask the Secretary of State for Defence what percentage of the IT systems in (a) his Department and (b) its agencies are fully accredited to the Government's security standards.

Photo of Bob Ainsworth Bob Ainsworth The Minister of State, Ministry of Defence

The Ministry of Defence and its Agencies have several hundred computer systems in use ranging from corporate IT systems serving thousands of users across the Department and its Agencies, to business area systems serving smaller communities. The following data cover those systems within the MOD and its Agencies where accreditation is centrally controlled by Defence Security and Standards Assurance (DSSA), which are either connected to the MOD networks, or are stand alone above Secret, or are systems that contain significant value to the MOD e.g. those systems that contain particularly sensitive or personal data. It does not include those systems where authority for accreditation has been delegated e.g. stand alone systems with no onward connectivity, and where a further breakdown of information could be provided only at disproportionate cost.

58 per cent. of systems have been through the accreditation process. Of these, 27 per cent. of systems are classed as fully accredited and are being operated in a manner within the MOD's Senior Information Risk Owner (SIRO)'s risk appetite; 31 per cent. of systems are currently classed as having conditional or interim accreditation with constraints placed on the operation of the system to ensure that identified risks are adequately managed within SIRO's risk appetite.

The balance of systems (42 per cent.) are in the process of being accredited; this represents the significant workload undertaken to plan and develop solutions for new equipment systems or platforms; this also includes applications from legacy systems, many of which will be migrated onto the developing Defence Information Infrastructure.

Does this answer the above question?

Yes0 people think so

No0 people think not

Would you like to ask a question like this yourself? Use our Freedom of Information site.