§ Mr. CohenTo ask the Secretary of State for Defence whether he has incorporated the code of practice for information security management, published by the British Standards Institution, into relevant contracts with information technology suppliers.
§ Mr. AitkenThe code of practice for information security management has been developed by, and established for use by, commercial organisations; it does not specifically address the requirements for the protection of official information. The security requirements for IT systems and services used by central Government Departments have been developed specifically for use within Government, and are reviewed regularly to ensure best practice.