In-service IT systems and managed services take full account of the Department's policies and procedures for information security management, which conform to the principles and controls in ISO 27001. Systems that were implemented before the ISO standard was introduced are currently being reviewed for conformance with the Department's policies and procedures.
(2) what the (a) original planned cost and (b) actual cost was for each information technology project completed by his Department and its agencies since 1997; and if he will make a statement.
[holding answer 22 July 2008]: We would refer to our previous responses:
PQ/08/200070 (answered 25 April 2008, Official Report, columns 2354-56W):
“To ask the Secretary of State for Work and Pensions, how much his Department has spent on IT projects since 2005; and what estimate he has made of its total expenditure on IT projects between 2005 and 2010”
and
PQ/08/180577 (answered 5 March 2008, Official Report, columns 2591-96W):
“To ask the Secretary of State for Work and Pensions, what the (a) start date (b) original planned completion date (c) current expected completion date (d) planned cost and (e) current estimated cost is for each information technology project being undertaken by his Department and its agencies; and if he will make a statement”
The costs of answering the above question would be available only at a disproportionate cost.