Information Technology Request
Dear Gedling Borough Council,
I am writing to make an open government request for all the information to which I am entitled under the Freedom of Information Act 2000.
Please forward responses to the attached questions below.
I would like the above information to be provided to me as an electronic document.
If this request is too wide or unclear, I would be grateful if you could contact me as I understand that under the Act, you are required to advise and assist requesters. If any of this information is already in the public domain, please can you direct me to it, with page references and URLs if necessary.
If the release of any of this information is prohibited on the grounds of breach of confidence, I ask that you supply me with copies of the confidentiality agreement and remind you that information should not be treated as confidential if such an agreement has not been signed.
I understand that you are required to respond to my request within the 20 working days after you receive this letter. I would be grateful if you could confirm in writing that you have received this request.
I look forward to hearing from you.
Yours faithfully,
Gloria Zimba.
1. Do you have a formal IT security strategy? (Please provide a link to the strategy)
A) Yes
B) No
2. Does this strategy specifically address the monitoring of network attached device configurations to identify any malicious or non-malicious change to the device configuration?
A) Yes
B) No
C) Don’t know
3. If yes to Question 2, how do you manage this identification process – is it:
A) Totally automated – all configuration changes are identified and flagged without manual intervention.
B) Semi-automated – it’s a mixture of manual processes and tools that help track and identify configuration changes.
C) Mainly manual – most elements of the identification of configuration changes are manual.
4. Have you ever encountered a situation where user services have been disrupted due to an accidental/non malicious change that had been made to a device configuration?
A) Yes
B) No
C) Don’t know
5. If a piece of malware was maliciously uploaded to a device on your network, how quickly do you think it would be identified and isolated?
A) Immediately
B) Within days
C) Within weeks
D) Not sure
6. How many devices do you have attached to your network that require monitoring?
A) Physical Servers: record number
B) PC’s & Notebooks: record number
7. Have you ever discovered devices attached to the network that you weren’t previously aware of?
A) Yes
B) No
If yes, how do you manage this identification process – is it:
A) Totally automated – all device configuration changes are identified and flagged without manual intervention.
B) Semi-automated – it’s a mixture of manual processes and tools that help track and identify unplanned device configuration changes.
C) Mainly manual – most elements of the identification of unexpected device configuration changes are manual.
8. How many physical devices (IP’s) do you have attached to your network that require monitoring for configuration vulnerabilities?
Record Number:
9. Have you suffered any external security attacks that have used malware on a network attached device to help breach your security measures?
A) Never
B) Not in the last 1-12 months
C) Not in the last 12-36 months
10. Have you ever experienced service disruption to users due to an accidental, non-malicious change being made to device configurations?
A) Never
B) Not in the last 1-12 months
C) Not in the last 12-36 months
11. When a scheduled audit takes place for the likes of PSN or Cyber Essentials, how likely are you to get significant numbers of audit fails relating to the status of the IT infrastructure?
A) Never
B) Occasionally
C) Frequently
D) Always
Thank you for your request for information from the Council on 13/12/2021.
Your request is being considered and we will endeavour to deal with your
request within the statutory timescale of 20 working days as defined by
the Freedom of Information Act 2000, subject to the information not being
exempt (or containing reference to a third party). This means that you
should receive a response from the Council on or before 13/01/2022. We do
however ask for your patience at the current time. Resources within the
Council are being utilised to deal with business critical functions during
the Covid-19 pandemic, which may mean that there are some delays to our
response times. Your request will be dealt with, but again, we ask for
your patience and understanding at this time.
Please note that in some circumstances a fee may be payable and if that is
the case, the Council will let you know. A fee notice will be issued to
you, and you will be required to pay before we will proceed to deal with
your request. Please note that the 20 working day time limit for responses
is suspended until receipt of the payment.
If appropriate, the information will be provided by letter/email, normal
font size (Arial, 12pt). If you require an alternative format, such as
Braille or large print, then please let the Council know.
If you have any queries about your request or wish to respond to this
email please email [Gedling Borough Council request email] quoting reference FOI 10893.
If you are not satisfied with how your request is being dealt with then
you should complain by writing to the Chief Executive. This letter should
be marked for the attention of Executive Support at the Civic Centre,
Arnot Hill Park, Arnold, Nottingham, NG5 6LU quoting the above reference
number.
If you are still not satisfied with the outcome of your complaint then you
have a right of appeal to the Information Commissioner’s Office, Wycliffe
House, Water Lane, Wilmslow, Cheshire SK9 5AF Telephone 01625 545 700 or
www.ico.org.uk
Legal Services
Gedling Borough council
Please read the following carefully. The information in this Email is
confidential and may be legally privileged. It is intended solely for the
addressee. Access to this message by anyone else is unauthorised. Senders
and recipients of any email should be aware that, under the Data
Protection Legislation and the Freedom of Information Act 2000, the
contents may have to be disclosed in response to a request made to the
Authority. If you have received the Email in error please notify
[email address]. Any views expressed by an individual within
this Email, which do not constitute or record technical advice, do not
necessarily reflect the views of the council. The Email has been checked
for viruses. We do however recommend that you perform your own scan of any
attachments (if any). We can not accept any responsibility for transmitted
viruses.
Dear Gloria,
Further to your request for information on 13th December 2021 please find attached the Council’s response.
If you have any further queries please do not hesitate to contact me at [Gedling Borough Council request email]
Kind regards
Craig Allcock
Legal Advisor – Legal Services
Gedling Borough Council
Civic Centre, Arnot Hill Park
Arnold, Nottingham NG5 6LU
0115 901 3914
I am currently working away from the office.
www.gedling.gov.uk
For the latest news and events, follow us on Twitter @GedlingBC or like us on Facebook
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now