Accordingly, This Information Is Provided Below

Dear Mr Schneider

Thank you for your email dated 16 August requesting information under the Freedom of Information Act 2000 within Belfast City Council. I can confirm that Belfast City Council does hold some of the information that you have requested and has decided that the information it holds can be disclosed.

Accordingly, this information is provided below.

Where the council does not hold any of the information requested this is clearly indicated.

I have set out our response to your request in the order that you have arranged your email.

1. Provide, name, address and telephone number for the following

people:

• Senior Information Risk Owner

Mrs Julie Thompson

Director of Finance and Resources

Belfast City Council

City Hall

Belfast BT1 5GS

Tel 0289027 0248

• Governance Manager

Mrs Gay Ireland

Corporate Risk and Governance Manager

Audit, Governance and Risk Services

Belfast City Council

Adelaide Exchange

24-26 Adelaide Street,

Belfast BT2 8GD

Tel 0289027 0729

• Information Security Officer/Manager

Mr David Kelly

Co-Acting Head of IT

Portfolio Manager (Council & External Solutions)

Mr Paul Gribben

Co-Acting Head of IT

Portfolio Manager (Infrastructure)

c/o

Information Services Belfast (ISB)

Finance &ResourcesDepartment

Belfast City Council

22-38 Gloucester Street, Belfast,BT1 4LS

• Information Technology Security Officer/Manager

Mrs Lynne Lyttle

Assistant IS Manager

Information Services Belfast (ISB)

Finance &ResourcesDepartment

Belfast City Council

22-38 Gloucester Street, Belfast,BT1 4LS

• Caldecott Guardian

Belfast City Council does not have a Caldecott Guardian. District councils have no responsibility for health functions.

1. PCI-DSS

• Does your organisation process electronic payment cards?

Yes.

• How much money is processed from electronic payment cards perannum?

Between 1 September 2009 and 31 August 2010 Belfast City Council processed £4,573,187.61from electronic payment cards.

• How many electronic payment card transactions are processed perannum?

Between 1 September 2009 and 31 August 2010 Belfast City Council processed

88,324 electronic payment card transactions.

• Are you PCI-DSS compliant?

Belfast City Council is currently at level 4 and is not yet PCI compliant.

1. ISO 27001

• Are you or have you considered becoming ISO 27001 compliant orcertified?

Belfast City Council is not ISO27001 compliant but we are currently considering options around ISO27001.

1. Government Connect

• Are you connected and operationally utilising the GovernmentConnect network?

No.

• If not have you considered connecting toGovernment Connect and why was the decision made not to connect?

There is no current requirement to connect.

• Do you meet the Government Connect version three requirements?

The council does not hold this information as we do not use this system.

• Please supply your latest CLAS consultant annual Government Connect assessment/audit report, blanking out any statements which couldcontravene a security concern from a third party reading it.

Not applicable as the council is not connected to the Government Connect network.

• Do you meet the Government Connect version four requirements?

Not applicable as the council is not connected to the Government Connect network.

• Please supply the latest internal report for the Government Connectversion four Audit/Assessment, blanking out any statements whichcould contravene a security concern from a third party reading it.

Not applicable as the council is not connected to the Government Connect network.

1. Criminal Justice Network

• Are you connected to and operationally utilising the CriminalJustice Network?

No.

• If not have you considered connecting to theCriminal Justice Network and why was the decision made not toconnect?

No. The council has no administering role in the Criminal Justice function in Northern Ireland.

• Please supply your latest annual assessment/audit report, blanking out any statements which could contravene a security concern from a third party reading it.

The council does not hold this information, please see answerabove.

NHS N3 Network

• Are you connected to and operationally utilising the NHS N3Network?

No.

• If not have you considered connecting to the NHS N3network and why was the decision made not to connect?

No because the council is not responsible for administering the health function in Northern Ireland.

• Please supply your latest N3 Connection assessment/audit report,blanking out any statements which could contravene a securityconcern from a third party reading it.

The council does not hold this information, please see answer above.

• Do both schools and the Council share the same physical networkresponsible for voice and data communications?

Not applicable as the council is not responsible for schools in Northern Ireland.

If you are dissatisfied with how the Council handled your request for information, you have the right to request that the Council formally review this decision. If you wish to do so, please write to the Records Manager, ChiefExecutive's Department, Belfast City Council, City Hall, BT1 5GS.

Should you remain dissatisfied following the Council’s internal review, you can seek an independent review from the Information Commissioner. Requests for an independent review should be made in writing to: The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. However I would advise you that the Information Commissioner has indicated that a review will not be undertaken unless the Council has first had an opportunity to re-consider its decision.

If you have any queries about this email, please contact me.

Yours sincerely

Sharon Godden

Programme and Business Support Assistant

Information Services Belfast

Belfast City Council

22-38 Gloucester Street

Belfast BT1 4LS