I guess there'll be a rash of 'me too' on this subject. We're (hopefully) about to embark on the same kind of exercise as audit have just finished inspecting our current policies / procedures in relating to information security. Eagerly await their recommendations even though it'll mean more work for me - because they found some lack of cohesion & glaring holes, especially in the non-technical side. So really interested in advice from anyone who has already tackled these issues and how to tie the whole thing back to DPA, FOI, etc. Kirsty E Gray Information Rights Officer Gateshead Council Tel. No: (0191) 433 2170 Fax. No: (0191) 478 2755 mailto:[log in to unmask] http://www.gateshead.gov.uk (Note - views expressed are those of the sender, are provided for discussion and debate and do not necessarily reflect the council's corporate position.) ********************************************** Gateshead Council back the NewcastleGateshead bid to be European Capital of Culture 2008 ********************************************** Important Information This e-mail constitutes a confidential communication and is subject to legal privilege. If you have received this e-mail in error, please notify us immediately. You should not use or copy it for any purpose, nor disclose it to any other person.