All IT systems across Government are subject to Cabinet Office approved policies and procedures for Information Security Management which are fully compliant with the controls in ISO 27001 and also incorporate the recommendations from the data handling report published in June 2008. Compliance is assessed via a regime known as accreditation.
All IT systems and networks within the Home Office are subject to this continual accreditation process as they enter service for the first time or when significant changes are made to existing systems; there is also a process of periodic review of all accredited systems.