We need your support to keep TheyWorkForYou running and make sure people across the UK can continue to hold their elected representatives to account.Donate to our crowdfunder
The Ministry of Defence (MOD) takes any theft, loss, attacks, or misuse of its information, networks and associated media storage devices very seriously and has robust procedures in place to mitigate against and investigate such occurrences. Furthermore, new processes, instructions and technological aids are continually being implemented to mitigate human errors and raise the awareness of every individual in the Department.
The MOD does not generally record items as ‘lost’. Any incident where an information asset has not been handled and recorded correctly in accordance with our strict guidelines is recorded as the asset being ‘unaccounted for’. In a high proportion of cases where information and communications technology (ICT) is reported as missing it is likely it has been officially disposed of without the correct record being maintained.
352 of the assets recorded as ‘unaccounted for’ in financial year (FY) 2012-13 are a result of a legacy accounting issue with the accuracy of recording assets belonging to a network which was in use from approximately 1990 to 2005 and contained around 88,000 assets. The discrepancy was noted as a result of responses to the Burton report in 2008 but ongoing action to locate the assets resulted in it not being centrally recorded at this time. It was formally reported to the Joint Security Co-ordination Centre (JSyCC) as part of negotiations for a contract transfer in 2012. For this reason it appears in FY 2012-13, although the incident itself will have taken place over eight years ago. Investigations suggest it is very likely that none of these assets has left MOD establishments and that they have therefore not been ‘lost’. However, they are recorded as ‘unaccounted for’ as this cannot be conclusively proven at this time.
It is MOD policy that all portable computers and removable media should be encrypted. Therefore, even when a device cannot be accounted for (or is stolen) the MOD can be confident that the risk of information being compromised is low.
The following table details the number of reported unaccounted for or stolen computers, mobile telephones, BlackBerrys and other pieces of ICT equipment centrally reported within the Department in FY 2010-11, FY 2011-12 and FY 2012-13:
|Number of items unaccounted for or stolen|
|ICT type||1 April 2010 to 31 March 2011||1 April 2011 to 31 March 2012||1 April 2012 to 31 March 2013|
|(1) 352 of these are a result of a single legacy incident.|