The data stored on the Department's computer systems is protected against unlawful access in line with the Department's policies on business information protection. The majority of the Department's data is stored on processors in its data centres and, to a lesser extent, on networked servers and PCs. Access is provided in a controlled manner to the Department's staff, agents and related organisations. Electronic data is protected by employing appropriate protection mechanisms such as access control software, firewalling and anti-virus software. The protection regime in place is monitored regularly. As part of an ongoing review of information security needs, the Department is in the process of implementing a formal information security architecture aimed at maintaining high standards of information security.
The Department has a business information protection committee at senior level. This committee meets at regular intervals to review all aspects of business continuity and security. No hacking or attempted breaches of the Department's security in relation to electronic data have been found.