Skip to main content

Departmental Data Protection

Volume 472: debated on Wednesday 20 February 2008

To ask the Secretary of State for Children, Schools and Families what audits his Department and its agencies have carried out in relation to personal data and IT equipment in each of the last 10 years. (176481)

The internal audit work programme for the Department in line with Government Internal Audit best practice, adopts a risk based approach to identifying areas for audit coverage

The adequacy of controls over data, including personal data and IT equipment, is covered in all assignments where it is relevant to the risks under review.

The risk based audit tasks below had a specific focus on personal data and IT equipment.



Travel and expenses claims

Teacher’s serious misconduct—follow-up

Teachers Pension—ill health performance reporting

Loss of IT kit

IT hardware asset management


Payroll inspection

Foreign Travel

Network account management

IT security


Teacher’s serious misconduct

New relationships with schools (data)

Network account follow-up

Review of payroll

Travel and subsistence inspection

2007-08 (to date)

Travel and subsistence post payment checks

Network account management—follow-up


Information relating to the Department’s agencies and non-departmental public bodies (NDPB) is not readily available within the cost threshold.