Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government, further to the Written Answer by Baroness Jones of Whitchurch on 14 May (HL7009), whether the individuals who conducted the risk assessments for the One Login programme held certifications in governance and risk recognised by the UK Cyber Security Council, or an equivalent accreditation; and if not, what steps they have taken to ensure that such assessments meet government and ISO 27001-equivalent standards for competence.

Yes. Individuals conducting risk assessments for GOV.UK One Login hold professional experience and qualifications aligned to knowledge areas and skills as defined by the UK Cyber Security Council.