Brentwood Borough Council

Brentwood Borough Council

Quick Links

Skip Navigation | Home page | Site map | Search | Help | Complaints procedure | Disclaimer | Feedback | Access key details
Brentwood Borough Council

FOI 10131

Security Levels

Request

-------------------------------------------
According to the Information Commissioners Office, 90% of data held at most organisations is classified as IL2, IL3 or ''official'' (source: HMG) and therefore requires a certain level of security to keep it private and confidential.

The goal of my Freedom of Information Act request is to understand, within the context of current data privacy and data protection concerns, whether the public sector is meeting or exceeding these security levels, typically referred to as business Impact Levels (IL) IL1, IL2, and IL3 etc. I appreciate the time taken to respond to these questions and have tried to keep the survey as simple as possible.

Q1: How much ‘official’ (IL2, IL3) data, as a percentage and total capacity of all data your organisation holds, do you store?

Percentage: ________% of all our data

Total capacity: ________ terabytes of data


Q2: How much of that ''official'' data, as a percentage and total capacity is stored onsite (in one of your buildings) versus 3rd party offsite*(Colocation or any type of Cloud such as public, private & hybrid).

Percentage onsite: ________% of all our data

Total capacity onsite: ________ terabytes of data

Percentage offsite in the cloud: ________% of all our data

Total capacity offsite in the cloud: ________ terabytes of data

*If you have your onsite ‘official’ data that is backed up off-site, please just duplicate your onsite entry

Q3: How much of this ‘official’ data is stored within following accredited security impact levels. Please provide an approximate percentage for each level, and your answer should total 100% or thereabouts.

Onsite

Official (IL2): ________%

Official (IL3): ________%

Other level/type (I.e IL4 and above): ________%

Don’t know: ________%

Offsite

Official (IL2): ________%

Official (IL3): ________%

Other level/type (I.e IL4 and above): ________%

Don’t know: ________%


Q4: How many times have you enlisted the help of a CESG Listed Advisor Scheme (CLAS) consultant in the past 24 months to review, check and audit the accredited security levels in place at your organisation?

0, 1, 4, 8, Other


Q5: How often have the accredited security levels in place at your organisation been audited over the past 24 months?

0, 1, 4, 8, Other



Q6: Have any data breaches been recorded at your organisation over the past 24 months?

Yes, No, Don’t Know

Response

The Council is accredited each year with PSN certification with the Government. For data protection reasons we are unable to provide specific details on the type / location of our data.

We do not hold any IL4 data