Information Management Strategy.pdf - Lincolnshire Police

More documents

Recommendations

Info

NOT PROTECTIVELY MARKED6.1.5The IMB will provide advice to all staff involved in the management of information throughthe specialisms of its members.6.1.6The IMB will be responsible for ensuring information assurance training is provided in linewith the National Training Strategy and force objectives including:i) Ensuring a training needs analysis is conducted;ii) Establishing appropriate training programmes and schedules;iii) Identifying appropriate training products.6.1.7Membership of the IMB will comprise of any or all of the following:a) DCC as Senior Information Risk Owner (S.I.R.O) (Chair);b) Information Manager (Vice Chair)c) Information Asset Owners from the following business areas: Director of Intelligence D/Supt Public Protection Unit Superintendent Crime and Criminal Justice Superintendent Specialist Operations Superintendent Local Policing West Superintendent Local Policing East Head of Legal Services Head of Finance Head of Human Resources G4S Operations Manager Head of Professional Standards Customer Contact Managerd) Data Protection & FOIA Manager;e) RRD/Disclosure Managerf) Force Information Security Officer;g) Head of Training;h) Director Of ICTNOT PROTECTIVELY MARKED 34
NOT PROTECTIVELY MARKEDi) Information Technology Security officer (ITSO)j) Communication Security Officer (CoMSO)This list is not exhaustive and can be added to as the need arises.6.1.8 The Force Risk Register will be utilised to ensure that risks identified in the evolving planssupporting the delivery of the strategy are addressed. Any information risk identified onthe Risk Register will be reviewed at each meeting of the IMB.6.1.9The IMB will ensure ongoing compliance with the ACPO/ACPOS (2006) CommunitySecurity Policy (CSP).6.1.10The IMB will act as the forum for Information Security issues raised at the Force SecurityBoard and which require raising to a higher level.6.2 Executive6.2.1 The Chief Officer has ultimate ownership of the force IAS.6.2.2 As force Data Controller, the Chief Officer, in line with the Data Protection Act 1998(DPA), has the duty of a data controller to comply with the data protection principles inrelation to all personal data with respect to which s/he is the data controller, including thefollowing:i) Determines why, as well as how, personal data including sensitive personal data,is to be processed and what security measures will be appropriate;ii) Has a duty to ensure that the collection and processing of any personal datawithin the force complies with the data protection principles;iii) Retains full responsibility for the actions of the data processor;iv) Notifies all processing operations that involve personal data to the InformationCommissioner and keeps this notification up-to-date.6.2.3 The role of data controller is a primary legislative function. The controls for meeting theforce‟s legal obligations for personal data management can be delegated as appropriate,NOT PROTECTIVELY MARKED 35
Page 1 and 2: NOT PROTECTIVELY MARKEDLincolnshire
Page 3 and 4: NOT PROTECTIVELY MARKED2. Informati
Page 7 and 8: NOT PROTECTIVELY MARKEDPreventing t
Page 9 and 10: NOT PROTECTIVELY MARKED3. Strategic
Page 11 and 12: NOT PROTECTIVELY MARKED Review, ret
Page 13 and 14: NOT PROTECTIVELY MARKED6.2 This str
Page 15 and 16: NOT PROTECTIVELY MARKED7.4.3 Full d
Page 17 and 18: NOT PROTECTIVELY MARKED8. Responsib
Page 21 and 22: NOT PROTECTIVELY MARKEDHead Crime-
Page 23 and 24: NOT PROTECTIVELY MARKEDG4S Customer
Page 25 and 26: NOT PROTECTIVELY MARKED5.1.1 Lincol
Page 27 and 28: NOT PROTECTIVELY MARKEDDecision as
Page 29 and 30: NOT PROTECTIVELY MARKED5.3.5 The fo
Page 31 and 32: NOT PROTECTIVELY MARKEDdepartment t
Page 33: NOT PROTECTIVELY MARKED6.1.1 The fo
Page 37 and 38: NOT PROTECTIVELY MARKEDviii) Compli
Page 39 and 40: NOT PROTECTIVELY MARKEDiv)Understan
Page 41 and 42: NOT PROTECTIVELY MARKEDi) Developin
Page 43 and 44: NOT PROTECTIVELY MARKEDData Protect
Page 45 and 46: NOT PROTECTIVELY MARKEDii)iii)Docum
Page 47 and 48: NOT PROTECTIVELY MARKEDix) Maintain
Page 49 and 50: NOT PROTECTIVELY MARKEDix) Co-ordin
Page 51 and 52: NOT PROTECTIVELY MARKEDii) To provi
Page 53 and 54: NOT PROTECTIVELY MARKEDvi) Liaising
Page 55 and 56: NOT PROTECTIVELY MARKEDAppendix ABU
Page 57 and 58: NOT PROTECTIVELY MARKED ACPO Guidan
Page 59 and 60: NOT PROTECTIVELY MARKEDInformation
Page 61 and 62: NOT PROTECTIVELY MARKEDOwner of pol
Page 63 and 64: NOT PROTECTIVELY MARKEDPolicy numbe
Page 65 and 66: NOT PROTECTIVELY MARKED13. Privacy
Page 67 and 68: NOT PROTECTIVELY MARKEDLinkage with

Information Management Strategy.pdf - Lincolnshire Police

Create successful ePaper yourself

Delete template?

Save as template?