Enquiry regarding annual compliance for ITHC, PCI DSS and general data security
Dear Burnley Borough Council,
I am requesting the following information:
1.1) When did you conduct your last IT Health Check?
1.2) When is your next IT Health Check due?
1.3) Do you conduct other cybersecurity penetration testing?
1.4) Are you in a contract for your IT Health Check / other testing? If so, when will this be up for renewal?
1.5) Who is the contact person at the Council for the annual IT Health Check?
2.1) When is the next date to renew compliance validation for PCI DSS?
2.2) Will the Council be requiring consultancy to ensure they adhere to the new PCI DSS 4.0?
2.3) Who is the contact person at the Council looking after PCI DSS compliance?
3.1) Do the Council adhere to other data security standards, such as Cyber Essentials Basic, Cyber Essentials Plus, ISO27001?
3.2) If no, do the Council plan on achieving any of these accreditations?
4.1) Does the Council currently utilise an in-house or outsourced Security Operations Centre for solutions such as EDR, MDR, or XDR?
4.2) Do the Council have Windows Defender for EDR. If so, is this managed in-house or externally?
5) What are the contact details for the Data Protection Officer?
Yours faithfully,
Mr Maurits
This is an automated email- please do not reply
We have received your freedom of information request. You should expect a
response within 20 working days.
Kind regards,
Burnley Council
FOI
FOI
Town Hall
Ext -----
01282 425011
[1]burnley council's [2]white ribbon [3]carbon literacy
website accredited award
Burnley Council, Town Hall, Manchester Road, Burnley, Lancashire. BB11 9SA
Our terms and disclaimers apply to this email and any attachments.
[4]For full details, see our terms and disclaimer.
References
Visible links
1. https://www.burnley.gov.uk/
2. https://www.whiteribbon.org.uk/
3. https://carbonliteracy.com/
4. https://www.burnley.gov.uk/terms-and-dis...
Mr Maurits
Please find attached a response.
You may, if dissatisfied with the treatment of your request, ask the council to conduct a review of its decision under the council's complaints procedure. The review will be carried out by someone who has not been involved in dealing with your request for information. Please e-mail or write if you would like a review.
If, following the review, you remain dissatisfied with the council's treatment of your request then you may take your complaint to the Information Commissioner at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Thanks
Ian Evenett
Information Governance Officer (Finance and Property)
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now