PROCEDURE Transaction Monitoring and Audit. Number: G 0811 Date Published: 6 June 2013

Transcription

1 1.0 Summary of Changes This procedure has been amended to include the Police National Database (PND). 2.0 About this Procedure The Chief Constable will assume the responsibilities of the data controller under the Data Protection Act 1998 on behalf of Essex Police. Part of those responsibilities will be to ensure that the principles of the Act are adhered too and that users of all Essex Police systems processing personal data do so only for a valid policing purpose. An expansion of this validation programme to other information systems may take place subject to the agreement of the Head of SCMD. 3.0 Risk Assessments/Health and Safety Considerations Risks associated with this procedure relate to the damage caused to the reputation of the organisation by failing to take adequate measures to ensure full compliance with the provisions of the Data Protection Act Transaction Monitoring and audit performs three important functions: To deter and detect unauthorised access to systems; To raise staff awareness of data protection issues and maintain public confidence; To ensure all relevant transaction fields are completed to provide an adequate audit trail for retrospective investigations into transactions that have been carried out. The monitoring and audit of database transactions will reduce the risk of inappropriate use and will provide reassurance that information is being accessed only for lawful policing purposes. Failure to follow the provisions detailed within this procedure may expose the organisation to a breach of the Data Protection Act Procedure 4.1 Police National Computer (PNC) The scope and nature of the validation checks will be determined by the Audit and Compliance Manager with the agreement of the Head of SCMD in accordance with the ACPO Data Protection Manual of Guidance (Part 2 Audit) July A minimum of three daily validation checks concerning the use of the PNC will be made. The validation process will also focus on the initial reason given for the PNC transaction. Page 1 of 5

2 The validation process will be as follows: The Audit and Compliance Team will send an requesting persons to validate the transaction; On receipt, the person will verify they requested or carried out the transaction together with an explanation in writing as to why they did so; The will then be forwarded to their line manager to validate the transaction including an explanation from any third party who initiated the transaction; The Line Manager will confirm in writing all explanations provided, before forwarding by to the Audit and Compliance Team. The must be returned to the Audit and Compliance Team within 7 days of issue. If a reply is not received within this timescale, the matter will be referred to a Senior Manager together with the Audit and Compliance Manager. If it is not possible to reply within 7 days, the Audit and Compliance Team must be informed without delay. All responses will be recorded on the Access Database and managed within the Audit and Compliance Team. Failure to validate the transaction or the provision of an unsatisfactory response will be escalated to the Professional Standards Department. In the event that potential misuse of police information is identified the Audit and Compliance Manager will forward the relevant details to the Professional Standards Department for their consideration. Where misuse is confirmed the Information System Owners for the relevant information systems from involved will be informed. 4.2 Police National Database Daily validation checks will be undertaken; these will equate to at least 2% of overall usage. Dip samples will also be undertaken to ensure that PND functionality is being accessed correctly by users. Every active user will be subject to dip sampling on a rolling 6 month basis. Transactions will be audited in the event of concerns of inappropriate use being raised. The transaction validation process will be as follows: A date, user and transaction will be selected; The audit log entry for the PND transaction will be reviewed; The search justification will be assessed to ensure that it is sufficient and traceable; The information viewed and extracted will be assessed; If undertaken for a third party the 'on behalf of' field will be checked to confirm it contains a traceable individual; Page 2 of 5

3 A PND validation form (Appendix 1) will be ed to the PND user or third party requesting confirmation of the transaction together with sufficient reasoning to enable the legitimacy of the transaction to be assessed; The user will complete the form and it to their line manager to validate the transaction. The line manager will confirm in writing all explanations provided before ing the form to the PND Audit mailbox; In the case of Corporate Vetting a PND validation form (Appendix 2) will be ed to the Vetting Supervisor requesting the transaction is confirmed, its reason and necessity; The PND Validation Form must be returned to the PND Audit mailbox within 7 days of issue; If a reply is not received within this timescale, the matter will be referred to the Audit & Compliance Manager; The evidence provided will be reviewed to determine whether the PND transaction is / is not validated. Any indication of misuse of the PND or a failure to validate the transaction will be referred to the Audit and Compliance Manager who will pass the matter to the Professional Standards Department as appropriate. A Record of all PND validation forms will be maintained by the auditor. All audit documentation will be retained in accordance with G 0833 Procedure Retention and Disposal Permissions and Access Controls The PND systems administrator is responsible for administrative management of the system; this will be audited on a quarterly basis. A quarterly audit will be completed to ensure there is a signed copy of the PND user end entity agreement of those new members of staff who have completed training and are using the PND. The PND systems administrator is responsible for the management of the Sun Identity Manager (IDM); to ensure that PND users have the correct level of access, are placed in the correct user group(s), to identify any new PND users and confirm PND leavers have had their role access removed a quarterly audit of all PND accounts held in the Sun IDM will be undertaken. Any discrepancies highlighted by this audit will be referred to the Audit & Compliance Manager Usage Monitoring Information regarding force activity on PND will be monitored by the Force PND Lead in conjunction with the Audit & Compliance Manager. The continued accesses to the PND of users not accessing the PND for a period of 4 months or more will be identified and future access requirements reassessed. Page 3 of 5

4 4.2.3 Copy and Paste/Printing Data copied or printed from PND will be monitored to ensure it conforms to the Government Protective Marking Scheme (GPMS). All PND users are aware of their responsibilities Non Standard Service (NSS) The small NSS user community enables a minimum monitoring approach to be undertaken. All NSS searches should be in accordance with the covert searching principles Supervision and Dip Sampling The validation of the use of NSS to ensure the transaction is proportionate is the responsibility of the relevant line manager of the user and should involve a sampling of NSS transactions. The line manager should not need to access the audit capability in NSS to fulfil this responsibility as there will be sufficient detail available in the reports and log which will be supplied by the NSS Auditor. The line manager will endorse the log accordingly. Managers should undertake monthly dip sampling; a minimum of 5% of covert transactions should form the basis of the dip sample The Force NSS Auditor(s) will identify at least 3 NSS searches each month, and working with line managers conduct, an in-depth audit; validation processes will be agreed between the NSS auditors and the respective managers. This will ensure the NSS use is adequately validated and that the principles for covert search users are adhered to. A manager may request an in-depth audit which could be triggered as a result of local supervision activities. 5.0 Monitoring and Review This procedure will be reviewed by the Head of Information Management within three years of the date of publication to ensure that it remains accurate and compliant with legislation, local and national policies. 6.0 Related Procedures G 0801 Procedure Computer Use G 0802 Procedure Use of Communications G 0804 Procedure Information Security Breach G 0805 Procedure Information Security Owner G 0833 Procedure Retention and Disposal Page 4 of 5

5 7.0 Related Policies G 0800 Policy Information Management 8.0 Information Sources None Page 5 of 5