This snapshot, taken on 05/09/2007, shows web content selected for preservation by The National Archives. External links, forms and search boxes may not work in archived websites.
IATP – The IA Technical Programme – is directed by CSIA within the Cabinet Office, supported by
IATP will:
Information systems are critically important to national security, continuity of government and to the economic and social well–being of the nation. But there are many threats to the availability, integrity and security of these systems, from electronic attack and malicious software through to design and configuration errors and obsolescence. In a rapidly changing environment – with new and sophisticated threats to information security, greater dependence on networks and the Internet and an increased need for working remotely and on the move – the public and private sector and the general public are constantly being exposed to new risks and need to manage them appropriately.
At the same time, the significant changes signalled by the “Transformational Government
” modernisation agenda and the drive for increased efficiency mean that achievement of e–government targets and take–up of services will be jeopardised if people do not have trust and confidence in those services. Together with historical funding and developmental challenges and the commercial difficulties experienced by a small market sector, a programme for safeguarding the most vital aspects of government information and delivering new IA capability is essential.
What does the Programme seek to achieve?
The IATP will improve HMG's approach to IA in the UK through the delivery of capability and business change management across government and industry, seeking to draw together government requirements and demand and help industry provide appropriate products and services in a more timely and cost–effective manner. This means UK government working much more closely and cohesively together, and with the UK information communications technology (ICT) industry, than hitherto to create a viable commercial marketplace – and doing this at pace while maintaining quality. It also means creating greater capacity to approve commercial offerings to the necessary standard, and developing an approved catalogue from which government departments acquire their capability.
The vision is that, over the next five years, the IATP will enable UK government departments to take advantage of the latest ICT while allowing them to use the best available solutions to manage the risks to the confidentiality, integrity and availability of their information in a responsible and more informed way.
The programme will seek to maximise provision of Commercial–Off–The–Shelf (COTS) products and services through increasing private sector confidence and investment, only employing traditional (government–developed) procurement techniques where unavoidable. “Government–enabling
” processes will be used where necessary to stimulate the market by collating requirements and recommending, or mandating, use by Government departments. Consideration will be given to strengthening policy around the use of approved, i.e. IA–compliant, architectures, and quality control will be exercised by CESG.
To help achieve its aims, the surrounding IA infrastructure – including technical and commercial policy, standards and processes – will need to change, and there will be extensive stakeholder engagement, research and cooperation across the IA community. Sharing IT services and improving the efficiency of sharing information within and between organisations are also high on the agenda.
IATP is directed by the Central Sponsor for Information Assurance (CSIA), part of the Cabinet Office, which is also responsible for the management of business change and capability definition on the programme. The Senior Responsible Owner for the programme, the Cabinet Office Director of Intelligence and Security, reports to SO (Official Committee on Security). The Programme Director reports to a Sponsoring Group largely made up of the funding Departments. The programme is managed on a day–to–day basis from a joint CSIA/CESG Programme Office in Cheltenham, with CESG leading on delivery of the programme.
So where has IATP currently got to?
The programme has been divided into several Delivery Tranches. The first of these is an Early Deliverable Tranche, running to the end of 2007, consisting of some sharply focused work to provide capability to customer departments in the short term. This includes improvements to secure telephony, delivering secure remote working from home, and domain separation so that government can safely manage data at different levels of security. The first demonstrations and pilots were delivered towards the end of 2006.
Will the emphasis of the Programme remain on high–grade assurance?
IATP is currently focused on, and funded by, those Government departments processing the most sensitive information (the “High Threat Club
” of MoD, FCO, Cabinet Office and the intelligence agencies). However, the scope of the programme will broaden under Comprehensive Spending Review (CSR07) to cut across all Government departments, and deepen to deliver the changes necessary to implement the modernised national IA Strategy that is being developed by CSIA.
If you have any questions or comments about the programme, please e–mail: iatp@cabinet-office.x.gsi.gov.uk