Provide, name, address and telephone number for the following people:
• Senior Information Risk Owner / Paul Masters
The Exchange
New County Hall
Treyew Road
Truro
TR1 3AY
Tel: 01872 324125
• Governance Manager / Emma Rowse
Business Intelligence Team Leader
Room 213
New County Hall
Treyew Road
Truro
TR1 3AY
Tel: 01872 324142
• Information Security Officer/Manager / Gemma Stephenson
Senior Policy Officer – Information Management
Room 203
New County Hall
Treyew Road
Truro
TR1 3AY
Tel: 01872 322763
• Information Technology Security Officer/Manager / Angus Macrae
Information Security Manager
De Lank Building,
Old County Hall,
Truro,
Cornwall
TR1 3HA
Tel: 01872 326512
• Caldicott Guardian / Kim Carey
Corporate Director of Adult Care and Support
The Exchange
New County Hall
Treyew Road
Truro
TR1 3AY
Tel: 01872 323612
PCI-DSS
Does your organisation process electronic payment cards? / We accept payment by debit and credit cards.
We are a new unitary authority and as a result of recent systems integration we began proper reporting of income by type in April.
April to July 2010 - 44,480 payments totalling £6,590,078.
We are PCI DSS compliant
How much money is processed from electronic payment cards perannum? / We are a new unitary authority and as a result of recent systems integration we began proper reporting of income by type in April.
How many electronic payment card transactions are processed per annum? / April to July 2010 - 44,480 payments totalling £6,590,078.
Are you PCI-DSS compliant? / We are PCI DSS compliant
ISO 27001
Are you or have you considered becoming ISO 27001 compliant or certified? / The Authority is working towards ISO 27001 compliance. There are no imminent plans for formal accreditation however.
Government Connect
Are you connected and operationally utilising the Government Connect network? If not have you considered connecting to Government Connect and why was the decision made not to connect / Yes we are connected to the Government Connect network.
Do you meet the Government Connect version three requirements? / Yes, the Authority has been assessed twice under version 3.2 and granted compliance status.
Please supply your latest CLAS consultant annual Government Connect assessment/audit report, blanking out any statements which could contravene a security concern from a third party reading it / CoCo related ITHC and the submission itself are restricted level documents which should not be released publicly in the interest of security itself. The Council considers this information exempt from disclosure under Section 31(1)(Law Enforcement) of the Freedom of Information Act 2000.
The attached sanitised, most recent letter of approval from Siemens demonstrates evidence of compliance.
Do you meet the Government Connect version four requirements? / The Authority is following version 4.2of the Code of Connection but is yet to beformally assessed under this standard.
Please supply the latest internal report for the Government Connect version four Audit/Assessment, blanking out any statements which could contravene a security concern from a third party reading it / N/A
Criminal Justice Network
Are you connected to and operationally utilising the CriminalJustice Network? If not have you considered connecting to the Criminal Justice Network and why was the decision made not to connect? / No longer directly
Please supply your latest annual assessment/audit report, blanking out any statements which could contravene a security concern from third party reading / N/A
NHS N3 Network
Are you connected to and operationally utilising the NHS N3 Network? If not have you considered connecting to the NHS N3 network and why was the decision made not to connect? / No we are not connected to the N3. Yes we have considered this but are looking at more cost effective but secure means of achieving the necessary information sharing objectives.
Please supply your latest N3 Connection assessment/audit report, blanking out any statements which could contravene a security concern from a third party reading / N/A
Do both schools and the Council share the same physical network responsible for voice and data communications? / No
Information provided by: Finance, Chief Executive’s Department and Information Services