Skip to main content

Departmental Data Protection

Volume 473: debated on Monday 17 March 2008

To ask the Secretary of State for Transport pursuant to the answer of 20 February 2008, Official Report, column 733W, on departmental data protection, what cost audits were conducted by third party partners in each of the last 10 years. (191751)

It is assumed that this question refers to the cost of audits of departmental data protection conducted by third party partners in each of the last 10 years. Records of audits performed by the Department’s internal audit functions, including those involving third party partners and their associated costs, are not maintained centrally but are kept locally by each of those functions. Furthermore, because of the decentralised nature of management responsibility within the Department and its agencies, specific record-keeping arrangements for other similar audits commissioned by line management vary between the Department and individual agencies and are not maintained centrally. Consequently, the information requested can be provided only at disproportionate cost.

To ask the Secretary of State for Transport whether her Department has a single official with overall responsibility for data security. (193944)

Within the Department for Transport, including its seven executive agencies and shared service centre, the overall responsibility for data security rests with the Permanent Secretary, supported by the Department's senior information risk owner, who is also a board member, and the departmental security officer.

The roles and responsibilities relating to data security matters across all Departments will be subject to the recommendations from the current Cabinet Office review of data handling procedures in Government.