Follow this request

There is 1 person following this request

Follow by email

RSS feed of updates

Act on what you've learnt

Tweet this request

Start your own blog

Get help investigating

Write to your politician

Pledge with others

Similar requests

FOI Request

Dave Schneider made this Freedom of Information request to Isle of Anglesey Council

The request was successful.

From: Dave Schneider

18 August 2010

Sir/Madam,

I wish to make a request under the Freedom of Information Act. The
following questions and information I wish to have sent to me are
as follows:

Provide, name, address and telephone number for the following
people:
• Senior Information Risk Owner
• Governance Manager
• Information Security Officer/Manager
• Information Technology Security Officer/Manager
• Caldecott Guardian

PCI-DSS
Does your organisation process electronic payment cards?
How much money is processed from electronic payment cards per
annum?
How many electronic payment card transactions are processed per
annum?
Are you PCI-DSS compliant?

ISO 27001
Are you or have you considered becoming ISO 27001 compliant or
certified?

Government Connect
Are you connected and operationally utilising the Government
Connect network? If not have you considered connecting to
Government Connect and why was the decision made not to connect?
Do you meet the Government Connect version three requirements?
Please supply your latest CLAS consultant annual Government Connect
assessment/audit report, blanking out any statements which could
contravene a security concern from a third party reading it.
Do you meet the Government Connect version four requirements?
Please supply the latest internal report for the Government Connect
version four Audit/Assessment, blanking out any statements which
could contravene a security concern from a third party reading it.

Criminal Justice Network
Are you connected to and operationally utilising the Criminal
Justice Network? If not have you considered connecting to the
Criminal Justice Network and why was the decision made not to
connect?
Please supply your latest annual assessment/audit report, blanking
out any statements which could contravene a security concern from a
third party reading it.

NHS N3 Network
Are you connected to and operationally utilising the NHS N3
Network? If not have you considered connecting to the NHS N3
network and why was the decision made not to connect?
Please supply your latest N3 Connection assessment/audit report,
blanking out any statements which could contravene a security
concern from a third party reading it.
Do both schools and the Council share the same physical network
responsible for voice and data communications?

Yours faithfully,

Dave Schneider

Link to this

From: RHYS K JONES
Isle of Anglesey Council

14 September 2010

SECL Approval letter to Isle of Anglesey.pdf
69K Download View as HTML

The answers to your FOI request are contained below:

Sir/Madam,

I wish to make a request under the Freedom of Information Act.
The
following questions and information I wish to have sent to me are
as follows:

Provide, name, address and telephone number for the following
people:
● Senior Information Risk Owner
● Governance Manager
● Information Security Officer/Manager
● Information Technology Security Officer/Manager
● Caldecott Guardian

We don't have anyone with the above job titles. Our Head of IT is:

David Gardner
Council Offices
Llangefni
Anglesey
LL77 7TW
01248-752671

PCI-DSS
Does your organisation process electronic payment cards?
How much money is processed from electronic payment cards per
annum?
How many electronic payment card transactions are processed per
annum?
Are you PCI-DSS compliant?

We do process electronic payment cards.

Money processed p.a. £1,952,973

Transactions p.a. 11187

We are not yet PCI-DSS compliant.

ISO 27001
Are you or have you considered becoming ISO 27001 compliant or
certified?

No.

Government Connect
Are you connected and operationally utilising the Government
Connect network? If not have you considered connecting to
Government Connect and why was the decision made not to connect?
Do you meet the Government Connect version three requirements?
Please supply your latest CLAS consultant annual Government
Connect
assessment/audit report, blanking out any statements which could
contravene a security concern from a third party reading it.
Do you meet the Government Connect version four requirements?
Please supply the latest internal report for the Government
Connect
version four Audit/Assessment, blanking out any statements which
could contravene a security concern from a third party reading
it.

We do use the Government Connect Network.

We do meet the version 3 requirements.

The GCSX Code of Connection report is attached.

Criminal Justice Network
Are you connected to and operationally utilising the Criminal
Justice Network? If not have you considered connecting to the
Criminal Justice Network and why was the decision made not to
connect?
Please supply your latest annual assessment/audit report,
blanking
out any statements which could contravene a security concern from
a
third party reading it.

We don't use this.

NHS N3 Network
Are you connected to and operationally utilising the NHS N3
Network? If not have you considered connecting to the NHS N3
network and why was the decision made not to connect?
Please supply your latest N3 Connection assessment/audit report,
blanking out any statements which could contravene a security
concern from a third party reading it.
Do both schools and the Council share the same physical network
responsible for voice and data communications?

We don't use this.

Yours faithfully,

Dave Schneider

show quoted sections

Link to this

Things to do with this request

Anyone:

Add an annotation (to help the requester or others)
Download a zip file of all correspondence

Dave Schneider only:

Isle of Anglesey Council only:

Respond to request