NATS-Annual-Report-2015
NATS-Annual-Report-2015
NATS-Annual-Report-2015
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Annual</strong> <strong>Report</strong> and Accounts <strong>2015</strong> | <strong>NATS</strong> Holdings Limited<br />
Governance 72<br />
<strong>Report</strong>s from Board Committees<br />
(continued)<br />
> Business Continuity: The Committee supports the<br />
activities undertaken by the Executives to ensure<br />
appropriate Crisis Management arrangements remain in<br />
place and effective. Review of procedures and training<br />
exercises for the Silver Teams at Prestwick and Swanwick<br />
have taken place. Further to this, a comprehensive<br />
review of Gold Team arrangements and facilities has<br />
been completed. We will monitor the implementation of<br />
the identified changes during the following year.<br />
> Vetting: <strong>NATS</strong> has a mature vetting process, with direct<br />
access to the Police National Computer and a newly<br />
introduced online vetting process via an outsourced<br />
service hosted by the Foreign and Commonwealth<br />
Office. Key performance indicators are reported which<br />
demonstrate the effectiveness and coverage of the<br />
process.<br />
c. Cyber security<br />
As the sole provider of UK en route air traffic management,<br />
<strong>NATS</strong> is part of the UK’s critical national infrastructure.<br />
<strong>NATS</strong> is also diverse in its business operations, with activities<br />
underway in the UK and overseas. <strong>NATS</strong> relies on effective<br />
digital operations to deliver services and therefore places<br />
a very high priority on cyber security. It is recognised that<br />
<strong>NATS</strong> must be prepared for a variety of threats from a<br />
multitude of sources.<br />
<strong>NATS</strong> remains committed to the active management of<br />
cyber security risks and has, over the past 12 months,<br />
employed a new Chief Information Security Officer (CISO)<br />
and significantly increased the resources dedicated to this<br />
area through an agreement with PricewaterhouseCoopers<br />
(PwC).<br />
Through regular review of the strategy, and of progress<br />
against a detailed cyber plan, the Committee has sought<br />
to ensure that the protection of people, infrastructure and<br />
operations is maintained at a high level and that, within<br />
each of these domains, <strong>NATS</strong> maintains an active security<br />
management system.<br />
A new, mandatory cyber security change programme was<br />
launched in early <strong>2015</strong> and work has continued to attain ISO<br />
27001 certification, the international quality standard for<br />
information security management. <strong>NATS</strong> will be undergoing<br />
the required ISO 27001 external audits in the middle of<br />
<strong>2015</strong>.<br />
Iain McNicoll, CB CBE<br />
Chairman of the Safety Review Committee<br />
Governance