Compliance arrangements comprise a system of self-assessment, accreditation, assurance reporting, audit and review. The Department undertakes a variety of audit activity and takes action when it is clear that its IT security policies need to be updated. However, for security reasons, it would not be appropriate to provide details of the audit functions undertaken.
It is not in the interest of the security of the Department, or that of the public, to place in the Library a copy of detailed information pertaining to the security of the Department’s IT systems. Disclosing such information could assist criminals and those who would attempt to cause disruptive threats to the Department.