To ask the Secretary of State for Communities and Local Government what IT security strategy her Department has in place; what steps are being taken to ensure the strategy is being followed; what policy is in place on the use of encryption when data are sent externally; and what sanctions are in place for use should the policy not be followed.
Information is a key asset to Government and its correct handling is vital to the delivery of public services and to the integrity of HMG. The Security Policy Framework, the Data Handling Report and the National Information Assurance Strategy produced by the Cabinet Office provide a strategic framework for protecting information that Government handles and put in place a set of mandatory measures which Departments must adhere to.
The Department for Communities and Local Government is compliant with the security policies contained in the Government Security Policy Framework including those for information security and assurance.
Depending upon the circumstances, a range of sanctions are available including disciplinary or administrative action, and in extreme or persistent cases, termination of employment/services and, if appropriate, criminal proceedings.