FOI Request

Dear Mr Schneider,

FREEDOM OF INFORMATION ACT 2000 - INFORMATION REQUEST
Key staff and Bexley connections - our reference 10/576

I acknowledge your request for information received on 16th August 2010.

Your request is being considered and you will receive the information requested within the statutory timescale of 20 working days as defined by the Freedom of Information Act 2000, subject to the information not being exempt or containing a reference to a third party.

For your information, the Act defines a number of exemptions, which may prevent release of the information you have requested. There will be an assessment and if any of the exemption categories apply then the information will not be released. You will be informed if this is the case, including your rights of appeal.

If the information you request contains reference to a third party then they may be consulted prior to a decision being taken on whether or not to release the information to you. You will be informed if this is the case.

There may a fee payable for this information. This will be considered and you will be informed if a fee is payable. In this event the fee must be paid before the information is processed and released. The 20 working day time limit for responses is suspended until receipt of the payment.

If you have any queries or concerns then please contact the Local Studies Librarian and Freedom of Information Officer, Bexley Local Studies and Archive Centre, Central Library, Townley Road, Bexleyheath, Kent DA6 7HJ.

Further information is also available from the Information Commissioner at: Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
www.ico.gov.uk

Yours sincerely,

John Grosvenor
Local Studies Librarian and Freedom of Information Officer
London Borough of Bexley
Local Studies and Archive Centre,
Townley Road,
Bexleyheath,
Kent. DA6 7HJ
Tel: 020 8303 7777 ext 3369
DDI 020 8836 7369
Fax: 020 8304 7058
[email address]

show quoted sections

Dear Dave Schneider,

I have been asked to seek clarification about part of your request for information relating to electronic payment cards.

PCI-DSS
Does your organisation process electronic payment cards?
How much money is processed from electronic payment cards per
annum?
How many electronic payment card transactions are processed per
annum?
Are you PCI-DSS compliant?

Is this referring to credit/debit cards or something else? If something else, we need you to provide further information in order to assist the Council to identify the correct information for the response.

I look forward to your further clarification.

Yours sincerely,

John Grosvenor
Local Studies Librarian and Freedom of Information Officer
London Borough of Bexley
Local Studies and Archive Centre,
Townley Road,
Bexleyheath,
Kent. DA6 7HJ
Tel: 020 8303 7777 ext 3369
DDI 020 8836 7369
Fax: 020 8304 7058
[email address]

show quoted sections

Dear Mr Schneider

Thank you for your recent freedom of information request
concerning posts and payment cards.

Your request has been considered and our response is shown below.

Provide, name, address and telephone number for the following people:

o Senior Information Risk Owner Not defined
o Governance Manager Not defined
o Information Security Officer/Manager Not defined
o Information Technology Security Officer/Manager Not defined
o Caldecott Guardian Linda Tottman, Deputy Director Youth and
Inclusion, direct dial 020 8836 8129

PCI-DSS
Does your organisation process electronic payment cards? Yes -
hosted by Capita
How much money is processed from electronic payment cards per
annum? £11.4m - credit and debit card
How many electronic payment card transactions are processed per
annum? 103,400 credit and debit card
Are you PCI-DSS compliant? Capita is fully PCI DSS compliant. Bexley
completed the Attestation of Compliance for Self-Assessment
Questionnaire C which is lodged with Bexley's bankers..

ISO 27001
Are you or have you considered becoming ISO 27001 compliant or
certified? Yes have considered

Government Connect
Are you connected and operationally utilising the Government
Connect network? Yes
If not have you considered connecting to Government Connect and
why was the decision made not to connect? n/a
Do you meet the Government Connect version three requirements? Yes
Please supply your latest CLAS consultant annual Government Connect
assessment/audit report, blanking out any statements which could
contravene a security concern from a third party reading it.
This part of your request is exempted under section 23 of the UK
Freedom of Information Act on the basis that CESG (who are part of [1]GCHQ
which is listed in the Act) are the primary authors of the underlying
document. GCHQ are contactable by email at [2][email address]

Do you meet the Government Connect version four requirements?
Partially
Please supply the latest internal report for the Government Connect
version four Audit/Assessment, blanking out any statements which
could contravene a security concern from a third party reading it.
This part of your request is exempted under section 23 of the UK
Freedom of Information Act on the basis that CESG (who are part of
[3]GCHQ which is listed in the Act) are the primary authors of the
underlying document. GCHQ are contactable by email at
[4][email address]

Criminal Justice Network
Are you connected to and operationally utilising the Criminal
Justice Network? No
If not have you considered connecting to the Criminal Justice
Network and why was the decision made not to
connect? Not considered
Please supply your latest annual assessment/audit report, blanking
out any statements which could contravene a security concern from a
third party reading it. Not applicable

NHS N3 Network
Are you connected to and operationally utilising the NHS N3
Network? No
If not have you considered connecting to the NHS N3 network and
why was the decision made not to connect?
Yes considered it but there is no definitive business requirement
for Bexley

Please supply your latest N3 Connection assessment/audit report,
blanking out any statements which could contravene a security
concern from a third party reading it. Not applicable
Do both schools and the Council share the same physical network
responsible for voice and data communications? No

If you are dissatisfied with the handling of your request please contact
the FOI Review Officer by email to [5][Bexley Borough Council request email]

You can also complain to the Information Commissioner at:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow,
Cheshire, SK9 5AF

Telephone: 0303 123 1113

Website: [6]www.ico.gov.uk

Yours sincerely,

Trevor Mogg
Procurement Manager
London Borough of Bexley
[7][email address]
Direct dial 020 8294 6422

show quoted sections