Policy overview
Information, and the systems used to process information, are important assets in the provision and effective management of our services.
We need to achieve a reasonable level of assurance to manage and protect information.
- created by us
- entrusted to us by:
- members of the public
- our strategic partners
- other third-party organisations
Information assurance (IA) provides the mechanism by which we achieve this. It supports us:
- to meet our statutory, regulatory, and third-party obligations
- to help mitigate information risk
- to deliver effective services
IA is a set of multi-disciplinary structures, policies, processes, and controls and we implement these at an organisational level.
This policy aims to outline our commitment and approach to implementing an IA framework.
This policy applies to:
- all information that we process, regardless of format
- all information systems that we operate or manage