asked Her Majesty's Government:
Whether the data security arrangements of HM Revenue and Customs, or its predecessor bodies, have ever been audited; and, if so, what were the conclusions of the most recent audit. [HL807]
HMRC Internal Audit conducts regular audits of aspects of the department's work. Data security is considered where appropriate across the internal audit programme and areas of concern are reported to senior management. HMRC Security and Business Continuity also undertakes a programme of assurance activity in respect of accredited IT systems.
On 20 November the Chancellor announced a review of HMRC's data handling procedures to be conducted by Kieran Poynter, chair of PricewaterhouseCoopers.
The interim report was published on 17 December 2007 and copies are available in the Libraries of both Houses.
The National Audit Office also conducts audits of HMRC systems and processes and the noble Lord may wish to write to the Comptroller and Auditor-General.