30 Jul 2010 | Last updated Monday 5 July 2010 at 14:33 | Subscribe to our feed
Home | Audit of PC disposal procedures

Audit of PC disposal procedures

Client name: 
Southend-on-Sea Borough Council
Southend-on-Sea Borough Council now has a comprehensive strategy for securing information and securely disposing of ICT hardware in an environmentally sustainable way following a review by Socitm Consulting. With our expertise in integrating information and hardware lifecycle management, we were able to assist the Council in ensuring both data and equipment are managed securely and ethically across the organisation.

 

The project issues
The Council had a contract with an external supplier for securely disposing of PCs and related equipment at the end of their useful life. As a result of a process error, one PC failed to be cleansed of data and was sold with confidential information on its hard disk. The Council undertook an internal review of its quality control of the supplier but wanted an independent review of its disposal procedures. Socitm Consulting was asked to review the Council’s information security and hardware disposal procedures against best practice guidelines.

The Socitm Consulting solution
The project began with a series of meetings with Service Directors and key staff. We also reviewed existing documentation on PC disposal procedures. From this we produced a report which made a series of high level recommendations. These included:

  • Support for the conclusions of the Council’s internal audit of its need to improve its quality control of the hardware disposal supplier
  • Improving asset management processes for disposing of hardware
  • Improving the management and security of information shared and disseminated across the Council’s network, on PCs and storage devices
  • Considering disposal issues at the point of procurement and only procuring from a supplier accredited under the Waste Electrical and Electronic Equipment (WEEE) Directive
  • Improving asset tracking by maintaining comprehensive registers of the lifecycle of equipment

The benefits to the client
With our comprehensive understanding of the security and environmental issues governing the disposal of data and hardware, we were able to assist the Council to widen its review of its disposal procedures to encompass the organisation-wide information security and equipment lifecycle environment. As a result, the Council now has a policy in place that should ensure the secure and ethical management of data and hardware throughout their entire lifecycle.

Project identification
Client organisation: Southend-on-Sea Borough Council
Client contact: Sally Holland, Corporate Director, Support Services, 01702 215000,  sallyholland@southend.gov.uk 
Lead consultant: niall.perry@socitm.gov.uk
Project no: 6154

  | Tags: Auditing/critical friend, English unitaries, ICT and information management strategies, Information assurance, South, Security management

Related items

You may also be interested in these items

Copyright © 2009 Socitm Consulting Ltd. All Rights Reserved

 

Powered by Drupal and Drupal Theme created with Artisteer by Andy Grant

Designed by Boilerhouse.co.uk