Security and events management contracts and budget

1. What Security Incident and Event Management tool are you currently using and when does the contract expire?  

Providing this information may reveal information about the Council’s IT infrastructure that could aid a motivated threat actor to carry out a successful cyber-attack against the Council.  On this basis we consider that the information is exempt from disclosure on the grounds that Section 31(1)(a) of the Freedom of Information Act 2000 

2. What IT monitoring tools do you currently have in place for monitoring:

* Servers both virtual and on prem
* Network
* Firewalls
* Microsoft Apps
* Active Directory

When do the above contracts expire?  

Refer to our response in question 1

3. What collaboration tools do you use and how do you monitor uptime, usage and performance on them?

Refer to our response in question 1

4. Please supply a copy of your IT Strategy

The 2020 ICT Roadmap

5. What frameworks do you procure IT solutions/services through?

We consider that release of this information is exempt under Section 43(2) of the Freedom of Information Act 2000 – Commercial Interests. Devon County Council considers that in releasing this information would likely prejudice the commercial interests of any competitors and this would give an unfair advantage.

We have considered the public interest in this case and we acknowledge that there is a public interest in the transparency around public spending, however, we also consider that there is a public interest in allowing businesses to apply for contracts in a competitive environment, and we therefore, consider that the public interest lies in withholding the information.

6. What IT partners and resellers do you procure via?  

Reseller is Boxxe, East Moor House, Green Park Business Centre, Goose Lane, Sutton on the Forest, North Yorkshire, YO61 1ET

7. What is your IT security budget 

Devon County Council does not have a dedicated IT security budget.