Download original attachment
(PDF file)
This is an HTML version of an attachment to the Freedom of Information request 'FOI Request'.
Freedom of Information Ref: 30398 
 
Senior Information Risk Owner: we have no post for this 
Governance Manager
Sue Holman-Harris, Information Governance Manager, 
County hall High Street Newport po30 1ud tel 1983 821000 
Information Security Officer/Manager: we have no post for this  
Information Technology Security Officer/Manager  David Booth ICT Security 
Manager , County hall, High Street, Newport po30 1ud tel 1983 821000 
Caldecott Guardian: Davina Fiore. Director of Corporate Services, County hall, 
High Street, Newport po30 1ud tel 1983 821000 
 
 
PCI-DSS  
 
Does your organisation process electronic payment  Yes  
cards?  
How much money is processed from electronic 
£7,844,926.94 for the period 
payment cards per annum?  
01/04/09 – 21/03/10 
How many electronic payment card transactions 
105,514 for the period 01/04/09 – 
are processed per annum?  
21/03/10 
We are working towards compliance 
Are you PCI-DSS compliant?  
in this financial year  
ISO 27001  
 
Are you or have you considered becoming ISO 
We have ISO27001 on our roadmap 
27001 compliant or certified?  
for the future 
Government Connect  
 
Are you connected and operationally utilising the 
Government Connect network? If not have you 
Yes  
considered connecting to Government Connect and 
why was the decision made not to connect  
Do you meet the Government Connect version 
Yes  
three requirements?  
Please supply your latest CLAS consultant annual  The information you requested has 
Government Connect assessment/audit report, 
been refused under Section 31 of the 
blanking out any statements which could 
Freedom of Information act. Please 
contravene a security concern from a third party 
see the attached refusal notice.  
reading it  
Do you meet the Government Connect version four  We are actively working towards 
requirements?  
compliance 
Please supply the latest internal report for the 
Government Connect version four 
Audit/Assessment, blanking out any statements 
Not currently held 
which could contravene a security concern from a 
third party reading it  
Criminal Justice Network  
 
Are you connected to and operationally utilising 
the Criminal Justice Network? If not have you 
We are not directly connected to the 
considered connecting to the Criminal Justice 
CJ network, but are able to link via 
Network and why was the decision made not to 
the GCSx network 
connect?  
Please supply your latest annual assessment/audit 
report, blanking out any statements which could 
N/A 
contravene a security concern from third party 
reading  
NHS N3 Network  
 
Are you connected to and operationally utilising 
We are not directly connected to the 
the NHS N3 Network? If not have you considered  N3 network, but are able to link via 
connecting to the NHS N3 network and why was 
the GCSx network 
the decision made not to connect?  
Please supply your latest N3 Connection 
assessment/audit report, blanking out any 
N/A 
statements which could contravene a security 
concern from a third party reading  
Do both schools and the Council share the same 
physical network responsible for voice and data 
No 
communications?