• Calendar
  • Committees
  • Decisions
  • Election results
  • ePetitions
  • Forthcoming Decisions
  • Forward Plans
  • Library
  • Meetings
  • Outside bodies
  • Parish councils
  • Search documents
  • Subscribe to updates
  • Your councillors
  • Your MPs
  • Your MEPs
  • What's new

    • Issue - meetings

    Update on Cyber Security

    • Issue Details
    • Related Meetings
     

     

    Meeting: 20/08/2024 - Audit Committee (Item 23)

    23 Cyber Security & Information Governance (00:54:00) pdf icon PDF 446 KB

    To receive a report from the Head of Digital Transformation & Customer Engagement providing a high-level update on Cyber Security and Information Management activities and risk mitigation over the past few months.  

     

    Please note: During discussion of this item, it may be necessary to Exclude the Press & Public having reflected on Article 12 12.02(d) (a presumption in favour of openness) of the Constitution. This decision may be required because consideration of this matter in public may disclose information falling within one of the descriptions of exempt information in Schedule 12A to the Local Government Act 1972 as defined in paragraph 3 respectively of Part 1 of Schedule 12A of the Act, namely information relating to the financial or business affairs of any particular person (including the authority holding that information).

     

    Minutes:

    The Committee had before it, and NOTED, a report * from the Head of Digital Transformation & Customer Engagement providing a high level update on Cyber Security and Information Management activities and risk mitigation over the past few months. It also included an update on activity and challenges around meeting the high-level audit recommendations as detailed in the Cyber Security and ICT Core Audit 2022 – 23 and the Information Governance Audit 2022 – 2023.

     

    The following was highlighted within the report:

     

    ·       Performance metrics had improved in recent months which was pleasing.

    ·       The IT Service area had been challenged by a reduction in staff impacting on their ability to do as much and as quickly as they would like. The focus had had to be on keeping data safe.

    ·       Keeping pace with issues in this area was a constant battle.

    ·       The one high level outstanding audit recommendation had been down to capacity issues. Arrangements regarding Cyber Security were now in a good position, however, there were still a number of outstanding recommendations with regard to Information Management. One of the Data Protection Officers had left the organisation therefore the service was running at a deficit. The Head of Service confirmed that they had now recruited and that following training the service area would be back up to speed and able to focus on compliance. She also confirmed by, way of reassurance, that all the relevant policies were in place. 

     

    RESOLVED that:

     

    An extension of time as detailed on Cyber Security and ICT Core Audit 2022-23 item 8.1 be granted.

     

    (Proposed by the Chair)

     

    Note: * Report previously circulated.