Reference: FoI 9 2014 15 FY Issue date: 8 July 2014 Topic: ICT Request: Could you please supply me with the following information? Full details of your organisational structure for your ICT Department, including ICT security, infrastructure, risk, governance and compliance in addition please include names, job titles and email addresses. Full details of your top 20 suppliers of ICT services and a brief description of the nature and values of the contracts held by them in addition please include top 10 suppliers who deal with security of your back office and infrastructure. Response: Please find attached organisational diagrams for the: Internal Software Development Team; and IT Service Delivery Team. We are unable to disclose the names, job titles and email addresses of ICT employees to you. This is because this information is personal data as defined in section 1(1) of the Data Protection Act 1998. Section 40(2) and 40(3)(a) of FoIA provide that personal data is exempt information if its disclosure would contravene any of the data protection principles. In the present case, we do not consider that disclosure of this information would comply with the data protection principles. This is on the basis that disclosure would not be fair to the data subjects, who have a reasonable expectation of privacy in relation to their personal data. As section 40 is a qualified exemption, we have considered whether the public interest in disclosure outweighs the public interest in withholding the information, and have concluded that it does not. This is on the basis that the data subjects are not in public facing roles, and that they therefore have a reasonable expectation of privacy in relation to their personal data.
Full details of your top 20 suppliers of ICT services and a brief description of the nature and values of the contracts held by them in addition please include top 10 suppliers who deal with security of your back office and infrastructure. We have a single ICT supplier: CGI. CGI provide hardware, which includes the servers, disk storage and networking necessary to deliver the infrastructure to run all of the PPF applications and includes desktop/laptop hardware, WiFi, RAS, Telephony and MFD s. The software provided by CGI includes platform applications such as Virtual server, Net backup, Citrix-XenApp, MS network, Sharepoint, RAS and telephony software. Also COTS applications such as MS Windows, MS Office, Quest, SQL server, Repliweb, and Adobe etc. The services provided are as follows: Desktop management service Desktop System Software support service Desktop Hardware maintenance service Desktop installation, redeployment, relocation and disposal service Printer support service Remote Access Device service IL2 RAS service IL3 RAS service Electronic catalogue service Internet access service Email operational support service Application management service COTS Application and Interface software support service Bespoke Application and Interface software support service In-house Developed Application software support service Database administration service Application installation and removal service Licence management service Server Systems hosting service Server Systems management service (hosted) Server Software support service (hosted) Server Hardware maintenance service (hosted) Data backup service Archive and retrieval service Data Network Systems provision service Data Network Systems management service Data Network Systems engineering works service Data Network Software support service Data Network Hardware maintenance service Voice Network Systems provision service Voice Network Systems management service Voice Network Software support service Voice Network Hardware maintenance service Telephony service
Unified communications service Security management service Security Management Plan service Organisation of information security service Asset management (security) service HR security service Physical/environmental security service Communications and operations management service Access control service Information systems acquisition, development and maintenance service Information security Incident management service Business continuity management service Compliance service Forensic readiness plan service Service continuity service Project management methodology Programme/Project management service Project support service Project delivery service Testing service Server Systems refresh service Desktop Systems refresh service Data Network Systems refresh service Voice Network Systems refresh service Service integration Service desk service Communication service General advice and guidance service Incident management service Problem management service Major Incidents service IT strategy assistance service Availability and capacity management service Scheduled Maintenance service Emergency outages service Risk management service Release management service Change management service Configuration management service Specification service Innovation service Procurement service Sustainable IT service ICT investigation service. I hope that the information we have provided to you is of use.
Internal Development Team
IT Service Delivery Team