Data Protection Compliance
Dear Institute for Apprenticeships and Technical Education,
1. Does your organisation use any applications or software to record Record of Processing Activity (ROPA)?
If so, please state the product name(s) and version numbers(s) (if known)
2. Does your organisation use any applications or software to support preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?
If so, please state the product name(s) and version numbers(s) (if known)
3. Does your organisation use any applications or software associated with data breach management?
4. Does your organisation use any applications or software associated with Freedom of Information management?
If so, please state the product name(s) and version numbers(s) (if known)
5. Does your organisation use any applications or software for Policy Management?
If so, please state the product name(s) and version numbers(s) (if known)
6. Does your organisation use any eLearning for Data Protection and Security Awareness?
If so, please state the product name(s) and version numbers(s) (if known)
7. Has your organisation reviewed / explored the market regarding the provision of technology which supports the delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to review / explore this market in the next 3 years?
8. Has your organisation allocated budget / financial resources regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to allocate budget / financial resources in the next 3 years?
9. Has your organisation developed a business case (outline or otherwise) regarding the commissioning / procurement of technology which supports the delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to develop a business case in the next 3 years?
10. Will there be any opportunities to engage with your organisation regarding the commissioning / procurement of technology which supports the delivery of Information Governance function in the next three years?
Yours faithfully,
Maddy Snow
Thank you for contacting the Institute for Apprenticeships and Technical
Education.
We have received your email and aim to respond within five working days.
Kind regards
Enquiries Team
Dear Maddy
Thank you for your request for information received by the Institute for
Apprenticeships and Technical Education (IfATE) on 13 September 2023.
You have requested answers to the following questions:
“1. Does your organisation use any applications or software to record
Record of Processing Activity (ROPA)?
If so, please state the product name(s) and version numbers(s) (if known)
2. Does your organisation use any applications or software to support
preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?
If so, please state the product name(s) and version numbers(s) (if known)
3. Does your organisation use any applications or software associated with
data breach management?
4. Does your organisation use any applications or software associated with
Freedom of Information management?
If so, please state the product name(s) and version numbers(s) (if known)
5. Does your organisation use any applications or software for Policy
Management?
If so, please state the product name(s) and version numbers(s) (if known)
6. Does your organisation use any eLearning for Data Protection and
Security Awareness?
If so, please state the product name(s) and version numbers(s) (if known)
7. Has your organisation reviewed / explored the market regarding the
provision of technology which supports the delivery of Information
Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to review / explore this
market in the next 3 years?
8. Has your organisation allocated budget / financial resources regarding
the commissioning / procurement of technology which supports the delivery
of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to allocate budget /
financial resources in the next 3 years?
9. Has your organisation developed a business case (outline or otherwise)
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to develop a business case
in the next 3 years?
10. Will there be any opportunities to engage with your organisation
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance function in the next three years?”
We are handling your request under the terms of the Freedom of Information
Act (FOIA) 2000. Under the Act we have 20 working days (excluding weekends
and bank holidays) to respond. We will respond on or before October .
Yours sincerely
Senior information and enquiries manager
Level 2, Cheylesmore House, 5 Quinton Road, Coventry, CV1 2WT
[1]Title: LinkedIn - Description: LinkedIn [2]Title: Twitter -
Description: Twitter [3]Title: GOV.UK - Description: GOV.UK
Dear Maddy
We write in response to your request for information received by the
Institute for Apprenticeships & Technical Education (IfATE) on 13
September.
Your request reads:
“1. Does your organisation use any applications or software to record
Record of Processing Activity (ROPA)?
If so, please state the product name(s) and version numbers(s) (if known)
2. Does your organisation use any applications or software to support
preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?
If so, please state the product name(s) and version numbers(s) (if known)
3. Does your organisation use any applications or software associated with
data breach management?
4. Does your organisation use any applications or software associated with
Freedom of Information management?
If so, please state the product name(s) and version numbers(s) (if known)
5. Does your organisation use any applications or software for Policy
Management?
If so, please state the product name(s) and version numbers(s) (if known)
6. Does your organisation use any eLearning for Data Protection and
Security Awareness?
If so, please state the product name(s) and version numbers(s) (if known)
7. Has your organisation reviewed / explored the market regarding the
provision of technology which supports the delivery of Information
Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to review / explore this
market in the next 3 years?
8. Has your organisation allocated budget / financial resources regarding
the commissioning / procurement of technology which supports the delivery
of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to allocate budget /
financial resources in the next 3 years?
9. Has your organisation developed a business case (outline or otherwise)
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to develop a business case
in the next 3 years?
10. Will there be any opportunities to engage with your organisation
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance function in the next three years?”
You requested that your ‘questions’ be handled under the terms of the
Freedom of Information Act 2000 (FOI Act). We must advise that requests
under the FOI Act are requests for information held by an organisation
rather than a set of questions. Under the Act there is no requirement for
a public authority to write/produce information in order to provide a
response. However, we are keen to assist and so have responded to your
questions outside of the FOI Act.
We have responded below to each of your questions:
1. Does your organisation use any applications or software to record
Record of Processing Activity (ROPA)?
If so, please state the product name(s) and version numbers(s) (if known)
Answer: IfATE use Microsoft Office (or Excel/Word) for this purpose.
2. Does your organisation use any applications or software to support
preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?
If so, please state the product name(s) and version numbers(s) (if known)
Answer: No.
3. Does your organisation use any applications or software associated with
data breach management?
Answer: No.
4. Does your organisation use any applications or software associated with
Freedom of Information management?
If so, please state the product name(s) and version numbers(s) (if known)
Answer: No.
5. Does your organisation use any applications or software for Policy
Management?
If so, please state the product name(s) and version numbers(s) (if known)
Answer: No.
6. Does your organisation use any eLearning for Data Protection and
Security Awareness?
If so, please state the product name(s) and version numbers(s) (if known)
Answer: Yes. Department for Education learning tailored to IfATE.
7. Has your organisation reviewed / explored the market regarding the
provision of technology which supports the delivery of Information
Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to review / explore this
market in the next 3 years?
Answer: No.
8. Has your organisation allocated budget / financial resources regarding
the commissioning / procurement of technology which supports the delivery
of Information Governance functions?
Answer: No.
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to allocate budget /
financial resources in the next 3 years? Answer: IfATE hold no information
in relation to this question/request.
9. Has your organisation developed a business case (outline or otherwise)
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance functions?
Answer: No.
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to develop a business case
in the next 3 years? Answer: IfATE hold no information in relation to this
question/request.
10. Will there be any opportunities to engage with your organisation
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance function in the next three years?
Answer: IfATE hold no information in relation to this question/request.
If you have any further queries in relation to this request, please email
me, quoting the reference ‘Ref 170’ in any future communications.
If you are not content with the way your request has been handled, you
should make a complaint to IfATE by writing to me within 40 working days
of the date of this email. Your complaint will be considered by a senior
IfATE official who was not involved in the original consideration of your
request.
If you are not content with the outcome of your complaint to IfATE, you
may then contact the [1]Information Commissioner’s Office or phone their
helpline on 0303 123 1113.
Yours sincerely
Senior information and enquiries manager
Level 2, Cheylesmore House, 5 Quinton Road, Coventry, CV1 2WT
[2]LinkedIn logo [3]X (formerly twitter) logo [4]GOV.UK
logo [5]Instagram logo [6]Facebook logo [7]Website logo
From: IFA, Enquiries <[8][email address]>
Sent: Wednesday, September 13, 2023 11:38 AM
To: [9][FOI #1025322 email]
Cc: IFA, Enquiries <[10][email address]>
Subject: Request for Information Ref 170 FW: Freedom of Information
request - Data Protection Compliance
Dear Maddy
Thank you for your request for information received by the Institute for
Apprenticeships and Technical Education (IfATE) on 13 September 2023.
You have requested answers to the following questions:
“1. Does your organisation use any applications or software to record
Record of Processing Activity (ROPA)?
If so, please state the product name(s) and version numbers(s) (if known)
2. Does your organisation use any applications or software to support
preparation for, or maintenance of ISO 27001 and/or ISO 27701 compliance?
If so, please state the product name(s) and version numbers(s) (if known)
3. Does your organisation use any applications or software associated with
data breach management?
4. Does your organisation use any applications or software associated with
Freedom of Information management?
If so, please state the product name(s) and version numbers(s) (if known)
5. Does your organisation use any applications or software for Policy
Management?
If so, please state the product name(s) and version numbers(s) (if known)
6. Does your organisation use any eLearning for Data Protection and
Security Awareness?
If so, please state the product name(s) and version numbers(s) (if known)
7. Has your organisation reviewed / explored the market regarding the
provision of technology which supports the delivery of Information
Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to review / explore this
market in the next 3 years?
8. Has your organisation allocated budget / financial resources regarding
the commissioning / procurement of technology which supports the delivery
of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to allocate budget /
financial resources in the next 3 years?
9. Has your organisation developed a business case (outline or otherwise)
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance functions?
If yes - please specify what actions have been taken?
If no - does your organisation have any plans to develop a business case
in the next 3 years?
10. Will there be any opportunities to engage with your organisation
regarding the commissioning / procurement of technology which supports the
delivery of Information Governance function in the next three years?”
We are handling your request under the terms of the Freedom of Information
Act (FOIA) 2000. Under the Act we have 20 working days (excluding weekends
and bank holidays) to respond. We will respond on or before October .
Yours sincerely
Senior information and enquiries manager
Level 2, Cheylesmore House, 5 Quinton Road, Coventry, CV1 2WT
[11]Title: LinkedIn - Description: LinkedIn [12]Title: Twitter -
Description: Twitter [13]Title: GOV.UK - Description: GOV.UK
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now