Thank you for inviting me to give evidence to the committee on 18 March. During my evidence session I was asked to provide you with a note to clarify the timescales for the revision of the RIPA codes and the two reviews which I mentioned during the course of my evidence.

TIMELINE FOR DELIVERY OF REVISED RIPA CODES OF PRACTICE

  The Home Secretary in her statement to Parliament on 21 February gave an undertaking to deliver a revised Covert Surveillance and Covert Human Intelligence Sources Code of Practice by December 2008.

  The review of the Codes has already started. A number of issues have been identified on which we will need to consult with our stakeholder community to ensure both that they have the powers that they require, and that appropriate oversight mechanisms are in place without adding unnecessary bureaucracy. The stakeholder community with an interest in surveillance activity is wide ranging and includes law enforcement, intelligence agencies, public authorities, the Office of Surveillance Commissioners, the Information Commissioner, Law Society, Bar Council, prosecutors, community groups and Human Right organisations. We intend to publish the draft codes for consultation over the summer.

  Both Codes are subject to the affirmative resolution in both Houses, so we will be seeking to lay the revised codes before Parliament in the Autumn.

INTERNAL HOME OFFICE REVIEW

  In the first Home Office corporate strategy for information, systems and technology published in February 2007 as part of the Reform Programme, Information Assurance was recognised as one of the top cross-cutting thernes It will continue to feature prominently in the updated strategy currently being developed.

  A review was initiated in August 2007 to assess the current situation, establish any requirements for change and identify any actions to be taken. This review was not initiated in response to an incident or problem, but reflects the Home Office's proactive approach to protecting information. The review is led by a Government independent Reviewer, Nick Coleman, who recently undertook a review of information assurance across government for the Cabinet Office.

  The first phase of the Home Office Information Assurance Review has now been completed and resources have been put in place within the Office of the CIO to implement the recommendations. The next phase of the review is under way and it is estimated that the full review and implementation will be completed by March 2009.

HANNIGAN REVIEW

  The Home Office, along with all other departments, took part in the Cabinet Office review of Data Handling Procedures in Government, announced by the Prime Minister on 22 November and led by Robert Hannigan. This review has now produced a set of mandatory standards and the Home Office is using the same Implementation Programme to implement the requirements of both this and the Coleman review. Early work on the implementation of the mandatory standards has already begun and all implementation work is due to be completed by the end of the 2008-09 Financial Year.

18 April 2008