Contact Us

Address:
The Guildhall
Frankwell Quay
Shrewsbury
SY3 8HQ
 
Telephone:
01743 281000
 
email:

Information Security Guidelines

Introduction

Shrewsbury and Atcham Borough Council attaches great importance to ensuring the confidentiality, security and accuracy of information processed and held on computer.
 
There is a British Standard (BS7799 - 1) to cover the basic security principles and procedures that should be in place within an organisation like Shrewsbury and Atcham Borough Council.

Policies

To meet standards, the Authority has produced 2 policy documents which apply to all Employees and Councillors of the Authority. The Purpose of the documents are to ensure conformance to the principles laid down in BS7799.

The policy documents produced have been approved by the Council's Standards Committee:-

  • Security Policy - This defines the Council's policy for security.
  • Internet and Email Policy - This is specific to use of email and Internet. The policy forms an appendix to the Security Policy.

Compliance

Users of Information Technology (IT) are responsible for ensuring they are aware of their responsibilities under these policies.
 
Any individual who suspects that the policies are being violated by another individual must report the violation immediately to his or her Manager, who, in appropriate circumstances, must report the matter to Computer Services.
 
A log of all security incidents will be kept by Computer Services. The log is the responsibility of the Security Officer, Chris Taylor. The log records any reported incidents and the subsequent action taken. Serious incidents will be referred to Internal Audit for investigation.
 
Any serious breach of the policies may result in the individual being subjected to the Council's disciplinary procedure. Breaches by Councillors will be referred to the Councils Standards Committee.

Good Practice Guide for Computer Users

In addition to the formal policy documents, Computer Services have produced a 'Good Practice Guide'. The Personnel Committee and JPCC have approved the guide.
 
Whilst you are obliged to comply with the Security and Email/Internet policies, the objective of the 'good practice guide' is to advocate 'recommended practice' when using the Council's computer systems.

Access to Documents

Copies of the documents are available via the Council's Intranet site:-
Could all Service Managers and Administrators please ensure that their Staff have access to these documents and observe their responsibilities for compliance.
 
Copies of the documents will be available to Councillors from Democratic Services or on request by email.
 
Those members of Staff who do not have access to the Intranet should contact Chris Taylor for a copy (01743 281081).

Queries

If you have any queries with regards to the policy documents please contact Chris Taylor (01743 281081) or email chris.taylor@shrewsbury.gov.uk

Policies and Guidelines - Word Document (Microsoft Word format, 96Kb)