Issue - meetings
Data Security in a Cloud Based Environment
Meeting: 26/06/2019 - Audit, Risk and Scrutiny Committee (Item 10)
10 Data Security in a Cloud Based Environment - IA/AC1912 
PDF 240 KB
Decision:
(i) to note the updated information provided by the Chief Internal Auditor; and
(ii) to otherwise note the content of the report and endorse the recommendations for improvement as agreed by the relevant function.
Minutes:
The Committee had before it a report by the Chief Internal Auditor which presented an audit in relation to Data Security in a Cloud Based Environment which was undertaken to provide assurance over the Council’s arrangements to ensure data security where business was transacted trough the Cloud.
The Chief Internal Auditor provided the following update to the Committee:
(1) on agenda page 121, the “Service Response / Action” and “Internal Audit Position” text should be replaced with: “D&T will arrange Council initiated external IT health check reports/security audits for third party suppliers managing Council personal data in the cloud as deemed appropriate”, with an associated implementation date of August 2019”; and
(2) on agenda page 110, in the summary, paragraph 5, the final two sentences should be replaced with: “D&T has agreed to arrange Council initiated external IT health check reports/security audits for third party suppliers managing Council personal data in the cloud as deemed appropriate.”
The Committee resolved:-
(i) to note the updated information provided by the Chief Internal Auditor; and
(ii) to otherwise note the content of the report and endorse the recommendations for improvement as agreed by the relevant function.