Enquiry regarding annual compliance for ITHC, PCI DSS and general data security

Mr Maurits made this Freedom of Information request to Burnley Borough Council Automatic anti-spam measures are in place for this older request. Please let us know if a further response is expected or if you are having trouble responding.

The request was successful.

Dear Burnley Borough Council,

I am requesting the following information:

1.1) When did you conduct your last IT Health Check?
1.2) When is your next IT Health Check due?
1.3) Do you conduct other cybersecurity penetration testing?
1.4) Are you in a contract for your IT Health Check / other testing? If so, when will this be up for renewal?
1.5) Who is the contact person at the Council for the annual IT Health Check?

2.1) When is the next date to renew compliance validation for PCI DSS?
2.2) Will the Council be requiring consultancy to ensure they adhere to the new PCI DSS 4.0?
2.3) Who is the contact person at the Council looking after PCI DSS compliance?

3.1) Do the Council adhere to other data security standards, such as Cyber Essentials Basic, Cyber Essentials Plus, ISO27001?
3.2) If no, do the Council plan on achieving any of these accreditations?

4.1) Does the Council currently utilise an in-house or outsourced Security Operations Centre for solutions such as EDR, MDR, or XDR?
4.2) Do the Council have Windows Defender for EDR. If so, is this managed in-house or externally?

5) What are the contact details for the Data Protection Officer?

Yours faithfully,

Mr Maurits

FOI, Burnley Borough Council

This is an automated email- please do not reply

We have received your freedom of information request. You should expect a
response within 20 working days.

Kind regards,

Burnley Council

FOI
FOI
Town Hall

Ext -----
01282 425011

[1]burnley council's [2]white ribbon [3]carbon literacy
website accredited award

Burnley Council, Town Hall, Manchester Road, Burnley, Lancashire. BB11 9SA
Our terms and disclaimers apply to this email and any attachments.
[4]For full details, see our terms and disclaimer.

References

Visible links
1. https://www.burnley.gov.uk/
2. https://www.whiteribbon.org.uk/
3. https://carbonliteracy.com/
4. https://www.burnley.gov.uk/terms-and-dis...

FOI, Burnley Borough Council

1 Attachment

Mr Maurits

Please find attached a response.

You may, if dissatisfied with the treatment of your request, ask the council to conduct a review of its decision under the council's complaints procedure. The review will be carried out by someone who has not been involved in dealing with your request for information. Please e-mail or write if you would like a review.
If, following the review, you remain dissatisfied with the council's treatment of your request then you may take your complaint to the Information Commissioner at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Thanks

Ian Evenett
Information Governance Officer (Finance and Property)

show quoted sections