Skip to main content

Departmental Data Protection

Volume 496: debated on Wednesday 15 July 2009

To ask the Secretary of State for Scotland how many (a) attempts and (b) successful attempts were made to gain unauthorised access to each (i) database and (ii) ICT system run by his Department in each of the last five years; and if he will make a statement. (286541)

It is not in the interests of the UK’s national security for Departments to confirm information on the number of attempts, successful or otherwise, to gain unauthorised access to departmental systems or databases. Such disclosure could undermine the integrity and security of departmental systems and thereby expose them to potential threats.

The Scotland Office shares an information technology system with the Scottish Executive, who are responsible for the development, administration, security and maintenance of the system. They comply with the mandatory requirements of the Security Policy Framework in relation to information security including managing the risk of unauthorised access to ICT systems.