FOI22/23 041 IT Questionnaire
FOI reference: 22/23 041
Date received: 28/07/2022
Date responded: 08/08/2022
Information requested
Under the Freedom of Information Act, I would request you to respond to questions included in the attachment.
For any reason if you are unable to open the attachment do let me know. I can then send the questions within the email itself.
Please note: If you do not have records relating to the questions in the attachment, please pass on this request to your IT department to provide us with the required information.
Response
The information for questions 1 and 2 is contained within the attached document.
However, the information requested is question 3 is considered exempt under section 35(1)(a) of the Act which states:
35 Law enforcement
(1) information is exempt information if its disclosure under this Act would, or would be likely to, prejudice substantially—
(a) the prevention or detection of crime;
While our aim is to provide information whenever possible, in this instance the information requested is exempt under section 35(1)(a) of the Act as the public disclosure of information about our IT systems would potentially compromise the security of the services delivered. Providing details of specific systems or products used by SQA would leave the organisation vulnerable to potential cyber-attack
When applying a section 35 exemption we have to consider the public interest.
We consider that there is likely to be very little public interest in the types of software applications that are used by the organisation. It is much more in the public interest that the security of our IT systems is not compromised. Accordingly, the public interest in maintaining the exemption, outweighs that of releasing the information.
Documents:
Related Information
- Subject access request form
- SQA Publication Scheme (180 KB)
- SQA Record of Processing (49 KB)