Supply chain

The request was successful.

Dear Basildon Borough Council,

Has your organisation ever suffered a cyber security incident through a third-party provider; that is, an attack which infiltrated your IT systems through an outside partner, provider or vendor?
- Yes
- No

If yes, did this occur within the last 12 months?
- Yes
- No

Do you have a list of all the third parties that your organisation shares sensitive data with?
- Yes
- No

In terms of cyber security governance processes, do you have clear criteria that third parties - suppliers or those in which there are dependencies within the supply chain - must comply with in order to do business with them?
- Yes
- No

If Yes, please indicate all that apply:
- Suppliers must assure their cyber security against the HMG Cyber Security Standard
- Suppliers must demonstrate that they hold a valid Cyber Essentials Certificate.
- Suppliers must demonstrate compliance with the Payment Card Industry (PCI) DSS standard
- Other: please indicate:

How often do you reassess third party or suppliers’ security measures to ensure they still meet the minimum criteria?
- At least every 12 months
- At least every 2 years
- More than every 2 years.
- We don’t reassess

Have you revisited these requirements to ensure compliance with the General Data Protection Regulation (GDPR)?
- Yes
- No

Do you have policies in place for privileged access management?
- Yes
- No

Thank you for your time.

Yours faithfully,

Gabby Dunne

Basildon Council, Email Notification, Basildon Borough Council

This email is an acknowledgement of your Legal Information
Support Request submitted on 27/11/2018. A notification will be sent to
your email address by 27/12/2018 to inform you of the outcome.

To save you time in the future, why not Do it Online. You can now use our
[1]online form to let us know of future Legal Information Support
requests.

Thank you

This message does not necessarily reflect the views, opinions, policies or
procedures of Basildon Borough Council or its partners and does not give
rise to any contract, undertaking or agreement. eMail is not a secure form
of communication. Every effort has been made to ensure that this message
has been correctly addressed. It and any associated file(s) may contain
private or confidential information or details intended only for the
sender and the intended recipient. If this message is received by anyone
other than the intended recipient please delete the message and any
associated file(s) and destroy any printed copy. Please notify the sender
by a return e-mail or telephone and make them aware that the message has
been received by someone other than the intended recipient. If the subject
line of this email begins PER: then the email is a personal one and is the
personal responsibility of the sender and not Basildon Borough Council or
its partners.
If you would like to find out more about how Basildon Borough Council use
your personal data please go to www.basildon.gov.uk/privacy

References

Visible links
1. https://www5.basildon.gov.uk/report/Lega...

Basildon Council, Email Notification, Basildon Borough Council

1 Attachment

Dear Ms  Dunne

I refer to your Freedom of Information request submitted on 27/11/2018.

I have attached the information you have requested.

If you are unhappy with the service you have received in relation to your
request and wish to make a complaint or request a review of our decision
you should write to:

Legal Information Support Team

If you are not content with the outcome of your complaint, you may apply
directly to the Information Commissioner for a decision. Generally the ICO
cannot make a decision unless you have exhausted the complaints procedure
first. The ICO can be contacted at The Information Commissioner’s Office,
Wycliffe House, Water Lane, Wilmslow, Cheshire SKP 5AF

If you have any queries about this letter please contact me. Please
remember to quote the reference number above in any future communications

You will be unable to reply to this email. If you wish to contact us
please email [1][Basildon Borough Council request email]

Yours sincerely

Peter Samuels

Legal Information Support Team

This message does not necessarily reflect the views, opinions, policies or
procedures of Basildon Borough Council or its partners and does not give
rise to any contract, undertaking or agreement. eMail is not a secure form
of communication. Every effort has been made to ensure that this message
has been correctly addressed. It and any associated file(s) may contain
private or confidential information or details intended only for the
sender and the intended recipient. If this message is received by anyone
other than the intended recipient please delete the message and any
associated file(s) and destroy any printed copy. Please notify the sender
by a return e-mail or telephone and make them aware that the message has
been received by someone other than the intended recipient. If the subject
line of this email begins PER: then the email is a personal one and is the
personal responsibility of the sender and not Basildon Borough Council or
its partners.
If you would like to find out more about how Basildon Borough Council use
your personal data please go to www.basildon.gov.uk/privacy

References

Visible links
1. mailto:[Basildon Borough Council request email]