FOI Request

Dear Mr Schneider,

FREEDOM OF INFORMATION ACT 2000 - INFORMATION REQUEST
Thank you for your request for information which I acknowledge was
received by the County Council today.

Your request is currently being considered. If the County Council is able
to provide you with the information you have requested, then under the
Freedom Of Information Act you are entitled to receive it within 20
working days.

For your information, the FOI Act defines a number of exemptions which may
prevent release of some or all of the information you have requested. The
County Council will assess your information request in light of the
exemptions. If exemptions do apply, then the County Council may decide
not to release all, or part, of the information you have requested. I
shall inform you if this is the case, and advise you of your rights of
appeal.

If the information you request contains reference to a third party then
they may be consulted prior to a decision being taken by the County
Council as to whether to release the information to you. You will be kept
informed if this is the case.

Any information provided to you will be either in the format you have
specifically requested or by the same means in which the request was made.
However, If you require an alternative format, e.g. by e-mail, in a
different language, or in audio, large print, etc. then please let me
know.

The County Council will not charge a fee to provide you with the
information you have requested, provided the cost of dealing with your
request is less than *450. If it appears likely that your request will
cost more than *450 to deal with then I will write to you again asking if
you are willing to pay the fees incurred, and setting out clearly what
those fees will be, in accordance with the FOI Act.

If you have any queries or should you wish to make a complaint about the
manner in which your request is being dealt with then please do not
hesitate to contact me at the above address in the first instance. Any
complaints will be dealt with under the County Council's internal review
procedure.

Further information about your rights under the Freedom of Information
Act, is available from the Information Commissioner's Office (0303 123
1113) or [1]www.ico.gov.ukand on the County Council's website.

I will be in touch again shortly.

Your sincerely

Donna Curtis
FOI Officer
Resources Directorate
Warwickshire County Council
Tel: 01926 418089
Minicom: 01926 412277
E-Mail: [email address]
www.warwickshire.gov.uk

This transmission is intended for the named addressee(s) only and may
contain sensitive or protectively marked material up to RESTRICTED and
should be handled accordingly. Unless you are the named addressee (or
authorised to receive it for the addressee) you may not copy or use it, or
disclose it to anyone else. If you have received this transmission in
error please notify the sender immediately. All email traffic sent to or
from us, including without limitation all GCSX traffic, may be subject to
recording and/or monitoring in accordance with relevant legislation.

References

Visible links
1. http://www.ico.gov.uk/

Dear Mr Schneider,

FREEDOM OF INFORMATION ACT 2000 - INFORMATION REQUEST

Your request for information has now been considered. I am able to
provide you with some of the information you have requested which is in
the table below.

In respect of the information we are unable to provide, I have explained
why this is the case and what exemptions apply under the Act in the table
below. Therefore, in accordance with section 17 of the Freedom of
Information Act 2000 please treat this letter as a Public Interest Refusal
Notice in respect of the withheld information.

+------------------------------------------------------------------------+
| Senior Information Risk | Mr D Carter |
| Owner | CWG Directorate |
| | PO Box |
| | Market Place |
| | Warwick |
| | CV34 4RR |
|------------------------------+-----------------------------------------|
| Governance Manager | Mr D Carter |
| | CWG Directorate |
| | PO Box |
| | Market Place |
| | Warwick |
| | CV34 4RR |
|------------------------------+-----------------------------------------|
| Information Security | Les Harlock |
| Officer/Manager | ICT Services |
| | Resources Directorate |
| | PO Box 2 |
| | Market Square |
| | Warwickshire |
| | CV34 4UB |
|------------------------------+-----------------------------------------|
| Information Technology | Les Harlock |
| Security Officer/Manager | ICT Services |
| | Resources Directorate |
| | PO Box 2 |
| | Market Square |
| | Warwickshire |
| | CV34 4UB |
|------------------------------+-----------------------------------------|
| Caldecott Guardian | Mr R Williamson |
| | AH & CS Directorate |
| | Saltisford Office Park |
| | Ansell Way |
| | Warwick |
| | CV34 4UL |
| | |
| | Mr P Sawbridge |
| | Children's Directorate |
| | Saltisford Office Park |
| | Ansell Way |
| | Warwick |
| | CV34 4UL |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| PCI DSS | |
|------------------------------+-----------------------------------------|
| Does your organisation | Yes but not within Corporate network. |
| process electronic payment | We use separate cardholder PED devices |
| cards? | |
|------------------------------+-----------------------------------------|
| How much money is processed | Yr 2009/10 *1.09 million |
| from electronic payment | |
| cards per | |
| annum? | |
|------------------------------+-----------------------------------------|
| How many electronic payment | 2009/10 16,500 |
| card transactions are | |
| processed per | |
| annum? | |
|------------------------------+-----------------------------------------|
| Are you PCI-DSS compliant? | Out of Scope for WCC Network. Our PSP |
| | for WCC Website is PCI DSS compliant. |
| | Working towards compliance for |
| | cardholder present data. Although the |
| | WCC Customer Service Centre does not |
| | currently take card payments, a |
| | co-located partner does. The joint |
| | approach to this has been approved by a |
| | QSA |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| ISO 27001 | |
|------------------------------+-----------------------------------------|
| Are you or have you | Considered |
| considered becoming ISO | |
| 27001 compliant or | |
| certified? | |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| Government Connect | |
|------------------------------+-----------------------------------------|
| Are you connected and | Yes |
| operationally utilising the | |
| Government Connect network? | |
| If not have you considered | |
| connecting to Government | |
| Connect and why was the | |
| decision made not to | |
| connect? | |
|------------------------------+-----------------------------------------|
| Do you meet the Government | Yes |
| Connect version three | |
| requirements? | |
|------------------------------+-----------------------------------------|
| Please supply your latest | This information is exempt from |
| CLAS consultant annual | disclosure under the Freedom of |
| Government Connect | Information Act 2000 (FOIA) and may be |
| assessment/audit report, | exempt under other UK information |
| blanking out any statements | legislation. Refer any FIAO queries to |
| which could contravene a | GCHQ on 01242 221491 ext: 30306 or |
| security concern from a | email [1][email address] |
| third party reading it. | |
| | The exemption applied is the |
| | `Prevention or Detection of Crime' |
| | exemption under section 31 of the |
| | Freedom of Information Act 2000. This |
| | exemption applies because it is |
| | considered that releasing all or any of |
| | this report would compromise the |
| | security of our network and data. |
| | The reasons why the public interest |
| | favours withholding the information are |
| | that the public interest is served in |
| | ensuring that the security of the |
| | County Council's network and data is |
| | not compromised. |
| | |
| | However, the County Council does |
| | recognise that there are argument(s) in |
| | favour of disclosure such as greater |
| | transparency. Nevertheless, the County |
| | Council considers that in all |
| | circumstances, on balance the public |
| | interest favours withholding the |
| | information at this time.' |
|------------------------------+-----------------------------------------|
| Do you meet the Government | Not Yet Audited against V 4 |
| Connect version four | |
| requirements? | |
|------------------------------+-----------------------------------------|
| Please supply the latest | N/A |
| internal report for the | |
| Government Connect | |
| version four | |
| Audit/Assessment, blanking | |
| out any statements which | |
| could contravene a security | |
| concern from a third party | |
| reading it. | |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| Criminal Justice Network | |
|------------------------------+-----------------------------------------|
| Are you connected to and | Yes |
| operationally utilising the | |
| Criminal Justice Network? If | |
| not have you considered | |
| connecting to the Criminal | |
| Justice Network and why was | |
| the decision made not to | |
| connect? | |
|------------------------------+-----------------------------------------|
| Please supply your latest | Not currently audited |
| annual assessment/audit | |
| report, blanking | |
| out any statements which | |
| could contravene a security | |
| concern from a third party | |
| reading it. | |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| NHS N3 Network | |
|------------------------------+-----------------------------------------|
| Are you connected to and | Yes |
| operationally utilising the | |
| NHS N3 Network? If not have | |
| you considered connecting to | |
| the NHS N3 network and why | |
| was the decision made not to | |
| connect? | |
|------------------------------+-----------------------------------------|
| Please supply your latest N3 | Not Audited |
| Connection assessment/audit | |
| report, blanking out any | |
| statements which could | |
| contravene a security | |
| concern from a third party | |
| reading it. | |
|------------------------------+-----------------------------------------|
|------------------------------+-----------------------------------------|
| Do both schools and the | Yes |
| Council share the same | |
| physical network responsible | |
| for voice and data | |
| communications? | |
+------------------------------------------------------------------------+

You have the right to request that the County Council carry out an
internal review if you are not satisfied with the way your request was
dealt with or wish to appeal the decision. A request for an internal
review should be made in writing and addressed to me at the address above.
All requests for an internal review will be dealt with under the County
Council's internal review procedure.

If you are not satisfied with the outcome of the internal review you may
appeal to the Information Commissioner's Office, at the following address:

FOI Compliance Team (complaints)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113

Yours sincerely

Donna Curtis
FOI Officer/Development Support Officer
Improvement & Development Group
Local Financial Services
Resources Directorate
Warwickshire County Council

Tel: 01926 418089
Minicom: 01926 412277
E-Mail: [email address]
www.warwickshire.gov.uk

This transmission is intended for the named addressee(s) only and may
contain sensitive or protectively marked material up to RESTRICTED and
should be handled accordingly. Unless you are the named addressee (or
authorised to receive it for the addressee) you may not copy or use it, or
disclose it to anyone else. If you have received this transmission in
error please notify the sender immediately. All email traffic sent to or
from us, including without limitation all GCSX traffic, may be subject to
recording and/or monitoring in accordance with relevant legislation.

References

Visible links
1. mailto:[email address]

Morning,

A reply was sent last week, I will forward it to you now.
Donna Curtis
FOI Officer/Development Support Officer
Improvement & Development Group
Local Financial Services
Resources Directorate
Warwickshire County Council

Tel: 01926 418089
Minicom: 01926 412277
E-Mail: [email address]
www.warwickshire.gov.uk

Dave Schneider To [email address]
<[FOI #45288 email]> cc
Subject Re: Freedom of Information
22/09/2010 10:00 Request

Dear Warwickshire County Council,

Please can you update me on the status of this FOI, as you're past
the statutory 20 day deadline.

Yours faithfully,

Dave Schneider

show quoted sections

Donna Curtis
FOI Officer/Development Support Officer
Improvement & Development Group
Local Financial Services
Resources Directorate
Warwickshire County Council

Tel: 01926 418089
Minicom: 01926 412277
E-Mail: [email address]
www.warwickshire.gov.uk

show quoted sections