Fire Service staffing (FOI)
Fire Service staffing (FOI)Produced by the Freedom of Information office
Authored by Government of Jersey and published on 25 February 2022.
Prepared internally, no external costs.
In respect of the Fire Service -
Who is the SIRO / Senior Information Risk Owner, or equivalent? A name and job title, or if they are below the disclosable level just a job title is fine, could you also provide a contact email for this person.
If you do not have a nominated SIRO could you please answer (A) with the person(s) with responsibilities equivalent to a SIRO.
Do you have, or are you planning to have, appointed Information Asset Owner’s (IAO’s) (or a similar role such as data stewards, data owner, etc)?
If the answer to (B) is yes, how often are they trained and who is responsible for organising the training? (as in, the person)
Are you or have you considered becoming ISO 27001 compliant or certified? If so whom is responsible for the project? (as in, the person)
When did you last conduct a Physical Security risk assessment of the Services building(s)/estate(s), and who is responsible for managing risk in this area? (as in, the person)
Who is your DPO (Data Protection Officer) or responsible person for DPO duties?
The Accountable Officer (usually the Director General) is the ultimate Information Risk Owner for a department. The Chief Fire Officer has responsibility for Information Risk Management and typically delegates this to a Data Governance Officer to ensure risks are managed.
There are Information Asset Owners (IAOs) defined within the States of Jersey Fire and Rescue Service.
IAO training was given in 2021 under the Cyber Programme. Ongoing training exists for all employees around Cyber Security and more role based specific training is to be defined later this year. The Data Management team in M&D (Modernisation & Digital) will be providing IAO specific training during 2022.
The Government of Jersey is using the ISO27001 standard to guide all changes that have an impact on Information management. There is currently no appetite to achieve certification for the whole GoJ nor the FRS specifically although this may change in the future.
A physical security assessment was conducted last year as part of the Cyber Programme across the entire GoJ estate but on a sample (one fifth of the estate) basis, this included Jersey Fire and Resue Headquarters. The findings are being used to plan future activity to improve Government of Jersey’s overall Information Security. This work is driven by the Chief Information Security Officer.
The Data protection officer role is fulfilled via an outsourced contract with Calligo.