CIS security

Security and the Memorandum of Understanding

Security and the protection of customer information are of paramount importance. The Memorandum of Understanding (MoU) (148KB) between the DWP and local authorities (LAs) sets out the framework through which LAs will access DWP data through CIS.

Each LA must ensure DWP data is securely handled. Access to CIS can only be made for the purpose of administering HB/CTB and must comply with legislation and industry best practice.

Before accessing CIS all potential users of CIS must:

• complete the full mandatory technical and security training
• sign the confidentiality agreement within the training package

Any access to CIS must be made in the knowledge the information remains the property of DWP. Any detected misuse of CIS will lead to disciplinary action, with the possibility of dismissal and potentially prosecution.

To identify system abuse both LAs and LAST continually carry out covert and system Management Test checks.

Homeworkers

DWP understands the benefit of employing home workers but recognises they do represent additional risk. LAs need to set down a clear policy on working from home and educate staff appropriately. The LA CIS Guide covers the subject in more detail.