planning inspectorate (PINS)
Challenge
The Planning Inspectorate (PINS) is the Government agency responsible for processing planning and enforcement appeals and holding inquiries into local development plans and frameworks. It also deals with a wide variety of other planning related casework including listed building consent appeals, advertisement appeals, and reporting on planning applications. Based in Bristol with a further office in Cardiff, PINS employs approximately 900 permanent staff.
Dealing with a high volume of sensitive planning information on a day to day basis and with over half of staff working remotely, information security is a key concern for PINS.
Solution
In April 2005, following a review of its information security strategy, PINS commissioned NCC Group, an independent IT and business consultancy, to provide project advice and assistance throughout the process of achieving certification to ISO 27001 – the international standard for information security.
NCC Group had previously advised on a range of IT and security issues including; reviewing networks, overseeing the implementation of a new firewall, advising on remote access technologies for field-based staff, business continuity planning and regular penetration testing.
The team from NCC Group began by reviewing the existing information security policies and procedures and then made recommendations for where changes were required to bring PINS in line with the ISO 27001 framework.
Results
A detailed implementation plan was developed to enable a structured move to compliance with the standard and ongoing project assistance and quality assurance testing was provided to assist PINS during the implementation phase.
Following a successful audit by LRQA auditors in February 2007, The Planning Inspectorate was awarded ISO 27001 certification in March 2007.
Keith Hodder, Deputy CIO at PINS commented “As well as demonstrating information security best practice, the project resulted in improvements to processes around the use of IT within the business and increased reliability of services.”
========================================================
NCC Group is a leading global provider of independent IT assurance, security and consultancy services. As a trusted advisor, we help over 15,000 public, private and not for profit sector organisations, including 92 of the FTSE 100, to make the most efficient use of information and technology and to manage the associated risks.
Quote
“As well as demonstrating information security best practice, the project resulted in improvements to processes around the use of IT within the business and increased reliability of services.”
Keith Hodder, Deputy CIO, PINS
Challenge
Dealing with a high volume of sensitive planning information on a day to day basis and with many staff working remotely, information security is a key concern
Solution
PINS commissioned NCC Group, to provide project advice and assistance throughout the process of achieving certification to IS0 27001
Results
Following a successful audit by LRQA auditors, PINS was awarded ISO 27001 certification