Issue - meetings
Information Security, Risk and Governance Framework and Policies
Meeting: 17/01/2017 - Scrutiny (Policy and Performance) Committee (Item 140)
140 INFORMATION SECURITY, RISK AND GOVERNANCE FRAMEWORK AND POLICIES 
PDF 255 KB
To consider the attached report of the Director of Governance.
Additional documents:
- Appendix 3(1) - Framework, item 140
PDF 215 KB
- Appendix 3(2) - Physical and Environmental Security Policy, item 140
PDF 184 KB
- Appendix 3(3) - Password Policy, item 140
PDF 195 KB
- Appendix 3(4) - Internet Use Policy, item 140
PDF 205 KB
- Appendix 3(5) - Email Acceptable Use Policy, item 140
PDF 190 KB
- Appendix 3(6) - Wi-Fi Policy, item 140
PDF 186 KB
- Appendix 3(7) - Removable Media Policy, item 140
PDF 154 KB
- Appendix 3(8) - Information Management, item 140
PDF 187 KB
- Appendix 3(9) - Incident Management Policy, item 140
PDF 284 KB
- Appendix 3(10) - Payment Card Industry Data Security Standards Policy, item 140
PDF 258 KB
- Appendix 3(11) - Business Continuity Policy, item 140
PDF 188 KB
- Appendix 3(12) - Information Risk Management Policy, item 140
PDF 191 KB
- Appendix 3(13) - Information Sharing Policy, item 140
PDF 224 KB
- Appendix 3( 14) - Public Services Network Personal Commitment, item 140
PDF 195 KB
- Appendix 3(15) - Digital Security (Network Access and Availability), item 140
PDF 188 KB
- Appendix 3(16) - Digital Security (Monitoring and Standards), item 140
PDF 198 KB
- Appendix 3(17) - Data Protection Policy, item 140
PDF 262 KB
- Appendix 4 - End of Consultation Document, item 140
PDF 170 KB
Minutes:
The Director of Governance presented the report on the Information Security, Risk and Governance Framework and Policies.
The policies had been developed by the East Kent Corporate Information Governance Group, which was composed of representatives from Canterbury, Dover and Thanet together with key staff from EK Services (ICT), East Kent Human Resources and East Kent Audit Partnership.
Members were advised that appropriate training and development would be delivered to staff with the intention of affecting positive behavioural change.
RESOLVED: That it be recommended to the Cabinet that decision CAB125 be endorsed as follows:
(a) That the Information Security and Governance Framework and the associated suite of Information Governance Policies at Appendix 3 to the report be approved for implementation from 9 January 2017.
(b) That the Director of Governance be authorised to make any future minor changes or amendments to the Framework and associated policies, providing that these changes do not change the substance of any of the policies.
(c) That the Director of Governance be appointed as the Senior Information and Risk Officer for the Council, and be authorised to discharge the functions and responsibilities of that role, and the Head of Corporate Services be appointed as his deputy.
Meeting: 09/01/2017 - Cabinet (Item 125)
125 Information Security, Risk and Governance Framework and Policies PDF 255 KB
To consider the attached report of the Director of Governance.
Responsibility: Portfolio Holder for Corporate Resources and Performance
Additional documents:
- Appendix 3 - 1st Attachment, item 125
PDF 215 KB
- Appendix 3 - 2nd Attachment, item 125
PDF 184 KB
- Appendix 3 - 3rd Attachment, item 125
PDF 195 KB
- Appendix 3 - 4th Attachment, item 125
PDF 205 KB
- Appendix 3 - 5th Attachment, item 125
PDF 190 KB
- Appendix 3 - 6th Attachment, item 125
PDF 186 KB
- Appendix 3 - 7th Attachment, item 125
PDF 154 KB
- Appendix 3 - 8th Attachment, item 125
PDF 187 KB
- Appendix 3 - 9th Attachment, item 125
PDF 284 KB
- Appendix 3 - 10th Attachment, item 125
PDF 258 KB
- Appendix 3 - 11th Attachment, item 125
PDF 188 KB
- Appendix 3 - 12th Attachment, item 125
PDF 191 KB
- Appendix 3 - 13th Attachment, item 125
PDF 224 KB
- Appendix 3 - 14th Attachment, item 125
PDF 195 KB
- Appendix 3 - 15th Attachment, item 125
PDF 188 KB
- Appendix 3 - 16th Attachment, item 125
PDF 198 KB
- Appendix 3 - 17th Attachment, item 125
PDF 262 KB
- Information Security Report - Appendix 4, item 125
PDF 170 KB
Minutes:
It was agreed:
(a) That the Information Security and Governance Framework and the associated suite of Information Governance Policies at Appendix 3 to the report be approved for implementation from 9 January 2017.
(b) That the Director of Governance be authorised to make any future minor changes or amendments to the Framework and associated policies, providing that these changes do not change the substance of any of the policies.
(c) That the Director of Governance be appointed as the Senior Information and Risk Officer for the Council, and be authorised to discharge the functions and responsibilities of that role, and the Head of Corporate Services be appointed as his deputy.