§ 21. Ms Meg Munn (Sheffield, Heeley)What steps have been taken to improve the security of Government information systems. [125456]
§ The Minister for the Cabinet Office and Chancellor of the Duchy of Lancaster (Mr. Douglas Alexander)All Government information systems are required to meet specified security standards, which are regularly reviewed in the light of the prevailing threats. To ensure that Government Departments' most critical information processes are adequately protected, Departments are adopting the international standard for information security management.
§ Ms MunnI thank my hon. Friend for that answer. Many private-sector organisations are involved with the public sector in these information systems. What assurance can my hon. Friend give that the partnerships between the private and public sectors are strong and will be maintained in a way that will ensure the security of the information?
§ Mr. AlexanderMy hon. Friend raises an important point. In October 2002, the central sponsor for information assurance was established by the Government. The CSIA works with both the public and private sectors, and international counterparts, to help safeguard the nation's IT and telecommunications services. We need to be able to tap in effectively to the expertise that exists in the private sector, as well as to that in the public sector. This is, of course, a very serious issue.
§ Mr. Richard Allan (Sheffield, Hallam)Does the Minister agree that an ability to audit the source code of key software applications is an important element in securing Government information systems? Do the Government prefer to have accessible source code for their security systems?
§ Mr. AlexanderThe issue of source codes is being considered across Government at the moment, in terms of both open-source software and the more general point of security that has been raised. I shall be happy to write to the hon. Gentleman on the specific point that he has raised today.