U.K. Audits Government Processes for Protecting Data

An independent reviewer will release a report next month analyzing how U.K. government agencies manage and protect information, a key issue as the U.K. government looks at ways to broaden how different agencies exchange data.

The Information Assurance review, due to be released at the end of May, is an independent look at how different organizations structure policies around information handling, said Nick Coleman, who heads the review, which falls under the Central Sponsor for Information Assurance, part of the Cabinet office.

Coleman spoke publicly for the first time about the review at the InfoSecurity Europe conference in London on Wednesday, although he did not preview any details in the review.

The review will be used by the U.K. Cabinet to formulate a revised national strategy on information assurance, due for release in the coming months, as well as updating an information assurance review released in 2004. It encompasses areas such as leadership and governance, enterprise architecture and compliance issues, Coleman said.

The independent review comes as the U.K. government undertakes several massive IT projects, all of which have security and privacy concerns due to their involvement of sensitive personal information. The projects include a national ID card program, a revamp of the National Health Service’s (NHS) IT systems and a program to strengthen border controls.