Supply chain
Dear Lincoln City Council,
Has your organisation ever suffered a cyber security incident through a third-party provider; that is, an attack which infiltrated your IT systems through an outside partner, provider or vendor?
- Yes
- No
If yes, did this occur within the last 12 months?
- Yes
- No
Do you have a list of all the third parties that your organisation shares sensitive data with?
- Yes
- No
In terms of cyber security governance processes, do you have clear criteria that third parties - suppliers or those in which there are dependencies within the supply chain - must comply with in order to do business with them?
- Yes
- No
If Yes, please indicate all that apply:
- Suppliers must assure their cyber security against the HMG Cyber Security Standard
- Suppliers must demonstrate that they hold a valid Cyber Essentials Certificate.
- Suppliers must demonstrate compliance with the Payment Card Industry (PCI) DSS standard
- Other: please indicate:
How often do you reassess third party or suppliers’ security measures to ensure they still meet the minimum criteria?
- At least every 12 months
- At least every 2 years
- More than every 2 years.
- We don’t reassess
Have you revisited these requirements to ensure compliance with the General Data Protection Regulation (GDPR)?
- Yes
- No
Do you have policies in place for privileged access management?
- Yes
- No
Thank you for your time.
Yours faithfully,
Gabby Dunne
Dear Madam
FREEDOM OF INFORMATION ACT 2000 – INFORMATION REQUEST
I refer to your request for information received on 21 November 2018
concerning the above and enclose the Council’s response.
If you wish to appeal against the handling of your request then please
contact the Freedom of Information Officer at the City of Lincoln Council,
City Hall, Beaumont Fee, Lincoln, LN1 1DB. Telephone 01522 873441 or
e-mail [Lincoln City Council request email].
Further information is also available from the Information Commissioner
at:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 01625 545 700 www.ico.org.uk
With regards.
Karan Shearwood
Legal Officer
T 01522 873840
[1]City of Lincoln Council
City of Lincoln Council
City Hall, Beaumont Fee, Lincoln, LN1 1DD
[2]http://www.lincoln.gov.uk/doitonline
Read more about [3]our vision
[4]https://www.lincoln.gov.uk/EasySiteWeb/E...
====================================================================================================================
City of Lincoln Council is a Living Wage employer. If you would like to
know more about the Living Wage, or sign up to the Making Lincoln Living
Wage campaign, please visit [5]www.lincolnagainstpoverty.co.uk/livingwage
This transmission is intended for the named addressee(s) only and may
contain sensitive or classified material up to OFFICIAL and should be
handled accordingly. Unless you are the named addressee (or authorised to
receive it for the addressee) you may not copy or use it, or disclose it
to anyone else. Please also notify the sender immediately
Under the Data Protection Act 2018 and the Freedom of Information Act 2000
the contents of this email may be disclosed.
The City of Lincoln Council reserves the right to monitor both sent and
received emails.
For further information regarding how we protect your data see our
[6]privacy notice for customers.
References
Visible links
1. http://www.lincoln.gov.uk/doitonline
2. http://www.lincoln.gov.uk/doitonline
3. http://www.lincoln.gov.uk/vision2020
5. http://www.lincolnagainstpoverty.co.uk/l...
6. https://www.lincoln.gov.uk/privacy-policy/
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now