Plans to introduce mandatory security improvements across government have become mired in contractual disputes with IT suppliers that do not want to carry the cost. Full story on ComputerWeekly.com homepage.
Government, understandably, wants improvements to IT security after the loss of two CDs at HM Revenue and Customs.
But IT suppliers, understandably, say it'll cost extra.
Several of the outsourcing suppliers have the government over a barrel: their contracts cannot, in practice, be terminated over a dispute related to extra costs of IT security; and third party companies cannot easily bolt on extra security to another supplier's systems.
Ross Cattell, head of enterprise risk at Deloitte, said suppliers felt unfairly criticised by the government. "Suppliers are saying, 'Gold standard is not what you asked for when you outsourced. If you want that, you have to pay more.'
"It is difficult for government departments which are trying to raise the information assurance standards," he said.Sureyya Cansoy, associate director of suppliers' body Intellect, said suppliers are doing all they can to assist the government.
"It should be done in such a way that it doesn't burden suppliers unnecessarily and that any changes to contracts are done under the commercial arrangements already agreed," she said.
"But we've not really tackled it yet."
Government data security hobbled by cost dispute - ComputerWeekly.com