Asked by: Matt Rodda (Labour - Reading East)
Question to the Department for Energy Security & Net Zero:
To ask the Secretary of State for Energy Security and Net Zero, with reference to the Central Digital & Data Office's guidance entitled, Guidance on the Legacy IT Risk Assessment Framework, published 29 September 2023, how many red-rated IT systems are used by her Department as of 21 November 2023.
Answered by Graham Stuart
This information is not held centrally by the department. DESNZ is a new department, so the risk is unlikely to be recorded.
Asked by: Matt Rodda (Labour - Reading East)
Question to the HM Treasury:
To ask the Chancellor of the Exchequer, with reference to the guidance by the Central Digital and Data Office entitled Guidance on the Legacy IT Risk Assessment Framework, published on 29 September 2023, how many red-rated IT systems are used by their Department.
Answered by Gareth Davies - Exchequer Secretary (HM Treasury)
There are no red-rated IT systems used in His Majesty’s Treasury.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, with reference to the Central Digital & Data Office's guidance entitled, Guidance on the Legacy IT Risk Assessment Framework, published 29 September 2023, how many red-rated IT systems are used by her Department as of 21 November 2023.
Answered by Andrew Griffith - Minister of State (Department for Science, Innovation and Technology)
As of 21 November 2023, the Department for Science, Innovation and Technology, as a Ministerial Department, has zero red-rated legacy IT systems as defined in the Central Digital and Data Office (CDDO) Legacy IT Risk Assessment Framework.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, with reference to Qq715-720 of the oral evidence given to the Science, Innovation and Technology Committee by her Department's Director General, Digital Technologies and Telecoms, on 8 November 2023, on what evidential basis her Department concluded that (a) the Information Commissioner's Office and (b) other regulators have sufficient powers to counter the risks associated with artificial intelligence.
Answered by Saqib Bhatti - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The Information Commissioner’s Office’s (ICO) existing powers enable them to address a wide range of current and emerging risks relating to AI within their remit. The ICO has assessed how data protection applies in an AI context. They have identified it as a priority area, due to its potential to pose a high risk to individuals and their rights and freedoms. The ICO has already produced guidance and practical resources, including guidance on ‘AI and Data Protection’, clarifying requirements for fairness in AI.
More broadly, many UK regulators are already taking action to regulate AI in their existing remits, including developing new regulatory tools in the context of AI. For example, the Medicines and Healthcare products Regulatory Agency has published a roadmap for software and AI as a medical device and the Competition and Markets Authority recently published a report on their initial review of AI foundation models. Alongside this, we have begun work to establish a new central function to support regulators to deliver the AI regulatory framework, enabling knowledge exchange and support regulator coordination. We are engaging closely with regulators across the UK and their sponsoring government departments to understand their readiness to regulate AI effectively. This will inform our work to develop policy options with a view to addressing gaps that emerge, which could include future consideration of extending a regulator’s remit or adding additional powers.
Asked by: Matt Rodda (Labour - Reading East)
Question to the HM Treasury:
To ask the Chancellor of the Exchequer, how much their Department spent on (a) current and (b) legacy IT infrastructure (i) in total and (ii) purchased in 2013 or earlier in each of the last three years.
Answered by Gareth Davies - Exchequer Secretary (HM Treasury)
Given there are so many definitions of IT infrastructure, we are unable to provide comprehensive data without clarification on the type of spend.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Home Office:
To ask the Secretary of State for the Home Department, with reference to the guidance by the Central Digital and Data Office entitled Guidance on the Legacy IT Risk Assessment Framework, published on 29 September 2023, how many red-rated IT systems are used by their Department.
Answered by Chris Philp - Minister of State (Home Office)
We do not currently hold data on the amount of money that has been spent on current and legacy IT infrastructure.
As of the most recent update to Public Accounts Committee in December 2022, four systems are deemed Red Rated Legacy systems. There are active update programmes working to replace each of these.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Home Office:
To ask the Secretary of State for the Home Department, how much their Department spent on (a) current and (b) legacy IT infrastructure (i) in total and (ii) purchased in 2013 or earlier in each of the last three years.
Answered by Chris Philp - Minister of State (Home Office)
We do not currently hold data on the amount of money that has been spent on current and legacy IT infrastructure.
As of the most recent update to Public Accounts Committee in December 2022, four systems are deemed Red Rated Legacy systems. There are active update programmes working to replace each of these.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Attorney General:
To ask the Attorney General, with reference to the Central Digital & Data Office's guidance entitled, Guidance on the Legacy IT Risk Assessment Framework, published 29 September 2023, how many red-rated IT systems are used by her Department as of 21 November 2023.
Answered by Michael Tomlinson - Minister of State (Minister for Illegal Migration)
As of 21 November 2023, the Attorney General's Office, as a Ministerial Department, has no red-rated legacy IT systems as defined in the Central Digital and Data Office (CDDO) Legacy IT Risk Assessment Framework.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Department for Education:
To ask the Secretary of State for Education, with reference to the Central Digital & Data Office's guidance entitled, Guidance on the Legacy IT Risk Assessment Framework, published 29 September 2023, how many red-rated IT systems are used by her Department as of 21 November 2023.
Answered by Damian Hinds - Minister of State (Education)
The annual cost of the department’s expenditure on IT infrastructure is approximately £200,000, excluding VAT. The department’s current annual expenditure on IT infrastructure purchased prior to 2013 is £0. From 2010, the department’s infrastructure and platforms have not retained historic records on legacy IT infrastructure for each year.
As of 21 November 2023, the department, as a Ministerial department, has one red-rated legacy IT systems as defined in the Central Digital and Data Office (CDDO) Legacy IT Risk Assessment Framework. The department is actively managing its legacy IT estate and is seeking to exit legacy systems via its existing change plans.
Asked by: Matt Rodda (Labour - Reading East)
Question to the Department for Education:
To ask the Secretary of State for Education, what is the annual cost to the public purse of her Department's expenditure on (a) IT infrastructure, (b) IT infrastructure purchased prior to 2013 and (c) legacy IT infrastructure for each year since 2010.
Answered by Damian Hinds - Minister of State (Education)
The annual cost of the department’s expenditure on IT infrastructure is approximately £200,000, excluding VAT. The department’s current annual expenditure on IT infrastructure purchased prior to 2013 is £0. From 2010, the department’s infrastructure and platforms have not retained historic records on legacy IT infrastructure for each year.
As of 21 November 2023, the department, as a Ministerial department, has one red-rated legacy IT systems as defined in the Central Digital and Data Office (CDDO) Legacy IT Risk Assessment Framework. The department is actively managing its legacy IT estate and is seeking to exit legacy systems via its existing change plans.