The following tables show the number of officially issued assets centrally reported as recovered from the MOD and its agencies since 2003. Some delayed reporting of recoveries of hardware has led to minor updates to the figures in this answer compared with information provided in previous answers. The following figures reflect the latest data held as at 18 December 2008.
MOD recoveries by year 2003 2004 2005 2006 2007 2008 Total (a) Desktop computer 0 1 2 3 0 1 7 (b) Laptop computer 5 6 11 9 9 26 66 (c) Hard drives 2 2 1 0 1 5 11 (d) USB flash memory devices 0 0 0 1 1 11 13 Total 7 9 14 13 11 43 97 Note: Memory sticks are defined by MOD as USB flash memory devices.
2003 2004 2005 (a) (b) (c) (d) (a) (b) (c) (d) (a) (b) (c) (d) DT LT HD USB DT LT HD USB DT LT HD USB Air — — — — — 2 2 — — 2 1 — Centre — — — — — — — — — 1 — — Def Estates — — — — — — — — — — — — DE&S — — — — 1 1 — — — 1 — — DSTL — 1 — — — — — — — — — — Fleet — 3 1 — — 1 — — — 1 — — Land — 1 1 — — 1 — — — 1 — — PJHQ — — — — — 1 — — — — — — UKHO — — — — — — — — — — — — Other — — — — — — — — 2 5 — — Total MOD 0 5 2 0 1 6 2 0 2 11 1 0
(a) (b) (c) (d) (a) (b) (c) (d) (a) (b) (c) (d) DT LT HD USB DT LT HD USB DT LT HD USB Totals Air — 3 — — — 1 — — — 2 — — 13 Centre — 2 — — — 2 — — — 4 — 5 14 Def Estates — — — — — — — — — 1 — 1 2 DE&S — 1 — — — 1 — — — 5 — — 10 DSTL — — — — — — — — — — — — 1 Fleet 1 3 — — — 2 — — — 9 3 — 24 Land 2 — — 1 — 3 1 — 1 3 1 3 19 PJHQ — — — — — — — 1 — 1 1 2 6 UKHO — — — — — — — — — 1 — — 1 Other — — — — — — — — — — — — 7 Total MOD 3 9 0 1 0 9 1 1 1 26 5 11 97 Notes: DT—Desktop Computers LT—Laptop Computers HD—Hard drives USB—USB flash memory devices Other—the MOD agency could not be identified.
The Ministry of Defence and its Agencies have several hundred computer systems in use ranging from corporate IT systems serving thousands of users across the Department and its Agencies, to business area systems serving smaller communities. The following data cover those systems within the MOD and its Agencies where accreditation is centrally controlled by Defence Security and Standards Assurance (DSSA), which are either connected to the MOD networks, or are stand alone above Secret, or are systems that contain significant value to the MOD e.g. those systems that contain particularly sensitive or personal data. It does not include those systems where authority for accreditation has been delegated e.g. stand alone systems with no onward connectivity, and where a further breakdown of information could be provided only at disproportionate cost.
58 per cent. of systems have been through the accreditation process. Of these, 27 per cent. of systems are classed as fully accredited and are being operated in a manner within the MOD’s Senior Information Risk Owner (SIRO)’s risk appetite; 31 per cent. of systems are currently classed as having conditional or interim accreditation with constraints placed on the operation of the system to ensure that identified risks are adequately managed within SIRO’s risk appetite.
The balance of systems (42 per cent.) are in the process of being accredited; this represents the significant workload undertaken to plan and develop solutions for new equipment systems or platforms; this also includes applications from legacy systems, many of which will be migrated onto the developing Defence Information Infrastructure.