Processes such as appointment of subcontractors and staff accreditation programmes have been tightened at the department during the handover from previous supplier EDS.
All procedures implemented by Capgemini and partners Fujitsu Services and BT must also meet the BS7799 security standard, with the Revenue also planning to adopt the standard internally.
‘We now have in place a security governance structure, security accreditation processes and we approve subcontractors,’ said Dave Evans, head of security at the Inland Revenue, speaking at Gartner’s IT Security Summit last week.
‘At the start of the previous contract there was no effective security management process in place for the relationship,’ he said.
In one incident during the EDS contract, the Inland Revenue’s security department only discovered cost saving plans to shut a datacentre, and move information to a shared site, when an internal memo was circulated, said Evans.
The department has now built in a series of reviews to ensure that security procedures are adhered to at every stage on the outsourcing contract.
HMRC has won its tenth successive case against tax avoidance schemes promoted by NT Advisors. The Court of Appeal has ruled that NT ... read more
HMRC is continuing to ramp up the number of raids on premises it carries out as part of criminal investigations, searching 761 properties in the last year
Five million taxpayers are ow using digital personal tax accounts (PTA) as part of the making tax digital strategy, HMRC said
Since the release of HMRC’s plans for digital tax reforms, many have agreed with the call for a delay