Element 8 - Information Security
For evidence please refer to the appendices below.
Element 8. Information security
The Council has an Information Assurance Group which includes the Head of HR & ICT, the Records Manager, ICT Information Security Officer, Legal representative with special responsibility for Data Protection.
There is a portal on the Council intranet under Information Security which pulls together existing advice on Information assurance and records management for staff.
The Council has an ICT Information Security Policy and the EDRMS has an access control policy.
The Council has a clear desk policy in line with the new flexible and mobile ways of working.
The Council has a corporate contract for the secure disposal of confidential, personal and sensitive paper waste.
Staff are reminded of their responsibilities via team briefings and posters. The Employee Development Unit is currently developing an online learning tool which will in future include training on information security.
Appendix 21 - ICT Information Security Policy (PDF)
Appendix 22 - Clear Desk Policy guidelines (PDF)
Appendix 23 - EDRMS Access Control Policy (PDF)