To ask the Secretary of State for Children, Schools and Families what audits his Department and its agencies have carried out in relation to personal data and IT equipment in each of the last 10 years. (176481)

The internal audit work programme for the Department in line with Government Internal Audit best practice, adopts a risk based approach to identifying areas for audit coverage

The adequacy of controls over data, including personal data and IT equipment, is covered in all assignments where it is relevant to the risks under review.

The risk based audit tasks below had a specific focus on personal data and IT equipment.

2004-05

Payroll

Travel and expenses claims

Teacher’s serious misconduct—follow-up

Teachers Pension—ill health performance reporting

Loss of IT kit

IT hardware asset management

2005-06

Payroll inspection

Foreign Travel

Network account management

IT security

2006-07

Teacher’s serious misconduct

New relationships with schools (data)

Network account follow-up

Review of payroll

Travel and subsistence inspection

2007-08 (to date)

Travel and subsistence post payment checks

Network account management—follow-up

Payroll—follow-up

Information relating to the Department’s agencies and non-departmental public bodies (NDPB) is not readily available within the cost threshold.