Issue - meetings

To receive the report which provides an update on the arrangements for information management, information security, and requests for information during 2024/25.

The committee received a report providing an overview of the Council’s arrangements for information management, information security, and requests for information during 2024/25.

The committee noted that the Information Assurance and Data Management (IADM) Programme had used the Gartner’s Enterprise Information Management (EIM) Maturity assessment tool to monitor progress and to provide an assessment for future workloads to increase the organisation’s maturity. The Maturity Assessment Tool had been updated, and a new assessment would be conducted accordingly. The assessment was subject to validation by Gartner, and once this process was complete, the findings would be presented to the committee at an appropriate opportunity.

The committee noted the key activities undertaken to ensure compliance with legislation such as the UK GDPR, Data Protection Act 2018 and the Freedom of Information Act 2000. Updates on the volume and nature of information requests, internal reviews as well as ICO complaints, were provided. The committee noted the continued focus on staff training and awareness, including mandatory e-learning modules and targeted campaigns to promote good data handling practices.

Members discussed the importance of maintaining robust governance frameworks and welcomed the assurance that the Council was actively monitoring and responding to risks in this area. The committee acknowledged the challenges posed by increasing volumes of information requests and the evolving cyber threat landscape. It was confirmed that a private briefing would be arranged for the committee to receive additional details on cyber security and AI.

RESOLVED:

That the Audit and Governance Committee

1. Note the update provided.