Dáil Éireann Debate, Tuesday - 21 May 2013
105. Deputy Pearse Doherty asked the Minister for Finance his views on the outsourcing, unique in the Eurosystem, of essential services at the Central Bank of Ireland including IT and security services. [23942/13]
View answerThe responsibility for operational and security policies at the Central Bank is a matter for the Central Bank Commission and the Governor of the Bank. However I understand the Central Bank has entered into a contract with HP to provide the physical data centre environment to host its IT systems, manage the technical infrastructure aspects of these systems and provide hosting facilities at a backup data centre for the purposes of business continuity and replacing existing facilities which are at ‘end of life’. HP will not have access to any of the banks business applications. The security of the technical aspects of the systems will be achieved through a combination of physical and logical protections, procedural and process protections, security features including encryption where necessary and on-going monitoring and reporting features. The steps taken comply with the Central Bank’s internal security policies and those of the ECB and are underpinned by the contractual and legal arrangements with HP.
The new data centre environment will negate the requirement for the Central Bank to build two new data centre facilities and there will be no ‘outsourcing’ of Central Bank staff arising from the contract with HP. HP was engaged following a competitive tender process, which included assessment across a number of criteria including security and cost. The process was approved by the Central Bank Commission.
I am informed by the Central Bank that some other Central Banks have engaged external specialist private companies to provide elements of the services similar to those which will be provided under this contract. It is to be expected that other Central Banks will evaluate external data centre options when they come to an ‘end of life’ scenario with their existing facilities.
In relation to security arrangements, the Central Bank is not in a position to disclose or discuss the details of its security model or operations. However, security operations are reviewed regularly to ensure they operate to current best practices and in the most effective and efficient manner.
