§ Brian WhiteTo ask the Chancellor of the Exchequer what steps he has taken to review the security of the Department's IT system; and how many digital attacks there were on the Department's system in(a) October and (b) 2002. [80771]
§ Ruth KellyThe Department has in place a BS/ISO 17799 compliance programme, and has recently undergone a CRAMM v.4 risk assessment, allowing us to review the effectiveness of our security controls. Several aspects of our office system have also been subjected to independent 'health-checks' in the past 12 months. The controls covering the departmental system's external connections are reviewed every six months by the national security authorities. There have been no incidents of digital attack in either(a) October, or (b) 2002, on the office system, however there was one incidence of digital attack on an external website that was under construction, discovered in June 2002.