Scoop has an Ethical Paywall
Licence needed for work use Start Free Trial

Gordon Campbell | Parliament TV | Parliament Today | News Video | Crime | Employers | Housing | Immigration | Legal | Local Govt. | Maori | Welfare | Unions | Youth | Search

 

Terms of reference released for privacy review

Friday, 19 October 2012, 3:44 pm
Press Release: Department Of Internal Affairs

MEDIA RELEASE

19 October 2012

Terms of reference released for privacy review


The Government Chief Information Officer (GCIO), Colin MacDonald today released the terms of reference for his review of the security of publicly accessible government IT systems, and made the following comments:

“The public expects to be able to interact with government effectively and efficiently. They want rapid access to clear, helpful, government information, and easy transactions and they expect that the personal information they share with government will remain private.

“The review I am initiating today will look at the steps agencies have taken to secure their systems.

“I will review lessons learned from the Ministry of Social Development, agency self-review reports and agency documentation. I will also identify any systemic issues and provide assurance and advice on improvements.”

“I have appointed KPMG to support me in the review. Detailed planning will begin next week. A public release of findings will be made after I report first to the State Services Commissioner.”

GCIO Review of Publicly Accessible Systems
Terms of Reference
The Government Chief Information Officer (GCIO), together with an external specialist, will review policy, process and assurance information provided by departments relating to the security of publicly accessible agency systems.
1) Remit
a. The Government Chief Information Officer (“GCIO”) has been requested by the State Services Commissioner to review the security of publicly accessible systems across government
2) Purpose
a. provide Ministers with assurance on the security of publicly accessible systems
b. provide Chief Executives with advice on security improvements which can be made in the deployment and operation of such systems
3) Agencies in Scope
a. Public Service Departments, NZ Police and relevant Crown Entities
4) Matters in Scope
a. Publicly accessible systems including:
i. Kiosks or similar devices that provide public access that are connected to a government network
ii. Web servers that provide a service delivery interface
iii. Wireless networks providing access to the public
5) Approach
a. Review:
i. Lessons learned from MSD
ii. Agency self-review reports
iii. Agency documentation including:
a) Information Management security policy and practices
b) Change & Release Management processes
c) Network and Security architectures
d) Security and penetration tests and responses to those
e) Audit reports and responses to those
b. Recommend:
i. Identify systemic issues
ii. Provide assurance
iii. Provide advice on improvements
6) Timeframe
a. Draft report prepared by 27 November 2012

Advertisement - scroll to continue reading

© Scoop Media

Find more from Department Of Internal Affairs on InfoPages.
 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

NEW ZEALAND POLITICS


 
work Join Scoop Pro
 
Submit News
 
person_add Become a Member
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
More RSS
 
 

Featured News Channels


 
  • Wellington Scoop