Tuesday, 25 May 2021
Department of Employment Affairs and Social Protection
My Department is a significant user of information technology for the day to day operation of its services. Our technical staff implement service management practices that are aligned with ITIL industry best practice. There are comprehensive system and data backup policies, procedures and testing arrangements in place in the Department and its agencies. Secure backups are taken at frequent planned intervals to meet operational requirements. For operational and security reasons, we are advised by the National Cyber Security Centre not to disclose detail of operational processes which could in any way negatively impact those efforts. Therefore, it is not considered appropriate to disclose arrangements in place in relation to backup and recovery operational processes and my Department does not comment on these operational matters.
My Department has developed an Information Security Management System (ISMS) aligned with the industry security standard ISO27001. This ISMS provides an overall governance framework for information security and sets out security policies, objectives, management oversight, practices and governance and ensures continual improvement of information security management.