ࡱ> nm g2\pGriffiths Pamela Ba==K"8X@"1jCalibri1jCalibri1jCalibri1jCalibri1jCalibri1jCalibri1jCalibri1 jCalibri1jCalibri1,jMS Shell Dlg 21*h6j Calibri Light1,6jCalibri16jCalibri16jCalibri1jCalibri1jCalibri1<jCalibri1>jCalibri1?jCalibri14jCalibri14jCalibri1 jCalibri1 jCalibri1jCalibri1 jCalibri""#,##0;\-""#,##0""#,##0;[Red]\-""#,##0""#,##0.00;\-""#,##0.00#""#,##0.00;[Red]\-""#,##0.005*0_-""* #,##0_-;\-""* #,##0_-;_-""* "-"_-;_-@_-,)'_-* #,##0_-;\-* #,##0_-;_-* "-"_-;_-@_-=,8_-""* #,##0.00_-;\-""* #,##0.00_-;_-""* "-"??_-;_-@_-4+/_-* #,##0.00_-;\-* #,##0.00_-;_-* "-"??_-;_-@_-                                                                       ff + ) , *     P  P        `            a>    x@ @ 2  x@ @   x!@ @   @ @    x@ @  8@ @  8!@ @   8 x!@ @  8!@ @  8!!@ @  8 0     8 @ @  x@ @  x!@ @  X x x@ @ 2 8!@ @  8!!@ @  x x@ @  8  x  x x@ @  x!@ @  X P x@ @  x@ @  x!@ @  x!@ @  x!!@ @   X X  @ x X x!@ @  8!@ @  x!@ @  x@ @ 2 "0@ @     X  (@ @   ( 8!@ @  8!!@ @  8  8@ @   h@ @   `@ @  x!@ @   h!@ @   `!@ @   8@ @  8@ @   _-;_-* "}A}? _-;_-* "P-@_- }A}@ _-;_-* "-@_- }A}A _-;_-* "-@_- }-}B _-;_-* "}-}C _-;_-* "}-}D _-;_-* "}A}E _-;_-* "-@_- }-}F _-;_-* "}-}G _-;_-* "}-}H _-;_-* "}A}I _-;_-* "-@_- }-}J _-;_-* "}-}K _-;_-* "}-}L _-;_-* "}-}M _-;_-* "}-}N _-;_-* "}-}O _-;_-* "}-}P _-;_-* "}A}Q _-;_-* "-@_- }A}R _-;_-* "-@_- }-}S _-;_-* "}-}T _-;_-* "}-}UP* "}-}V P* "}-}W P* "}-}X P* "}-}Y* "}-}Z * "}-}[ * "}-}\ * "}A}] * "-@_- }A}^ * "-@_- }-}_ * "}-}` * "}A}a * "-@_- }-}b * "}-}c * "}-}d * "}-}e * "}-}f * "}-}g * "}-}h * "}-}i * "}A}j * "-@_- }A}k * "-@_- }-}l * "}-}m * "}A}n * "P-@_- }-}o * "}-}p * "}-}q * "}-}r * "}-}s * "}-}t * "}-}u * "}-}v * "}-}w * "}-}x * "}A}y * "-@_- }-}z * "}-}{ * "}A}| * "-@_- }-}} * "}}~}-} * "}-} * "}-} * "}-} * "}-} * "}-} * "}-} * "}-} * "}-} * "}-} * "}(} * "}-} * "}}}-}+ * "}-}, * "}-}- * "}-}. * "}-}; * "}A}1 * "-@_- }A}2 * "?-@_- }A}3 * "23-@_- }-}4 * "}A}0 a* "-@_- }A}( * "-@_- }A}7 e* "-@_- }}5 ??v* "̙-@_-    }}9 ???* "-@_- ??? ??? ??? ???}}) }* "-@_-    }A}6 }* "-@_- }}* * "-@_- ??? ??? ??? ???}-}= * "}}8 * "-@_-    }-}/ * "}U}< * "-@_-  }A}" * "-@_- }A} * "ef-@_- }A} * "L-@_- }A} * "23-@_- }A}# * "-@_- }A} * "ef-@_- }A} * "L-@_- }A} * "23-@_- }A}$ * "-@_- }A} * "ef-@_- }A} * "L-@_- }A} * "23-@_- }A}% * "-@_- }A} * "ef-@_- }A} * "L-@_- }A} * "23-@_- }A}& * "-@_- }A} * "ef-@_- }A} * "L-@_- }A}  * "23-@_- }A}' * " -@_- }A} * "ef -@_- }A} * "L -@_- }A}! * "23 -@_-  20% - Accent1M 20% - Accent1 ef % 20% - Accent2M" 20% - Accent2 ef % 20% - Accent3M& 20% - Accent3 ef % 20% - Accent4M* 20% - Accent4 ef % 20% - Accent5M. 20% - Accent5 ef % 20% - Accent6M2 20% - Accent6  ef % 40% - Accent1M 40% - Accent1 L % 40% - Accent2M# 40% - Accent2 L˭ % 40% - Accent3M' 40% - Accent3 L % 40% - Accent4M+ 40% - Accent4 L % 40% - Accent5M/ 40% - Accent5 L % 40% - Accent6M3 40% - Accent6  L % 60% - Accent1M 60% - Accent1 23 % 60% - Accent2M$ 60% - Accent2 23 % 60% - Accent3M( 60% - Accent3 23 % 60% - Accent4M, 60% - Accent4 23f % 60% - Accent5M0 60% - Accent5 23 %! 60% - Accent6M4 60% - Accent6  23Ў % "Accent1AAccent1 Dr % #Accent2A!Accent2 }1 % $Accent3A%Accent3  % %Accent4A)Accent4  % &Accent5A-Accent5 [ % 'Accent6A1Accent6  pG %(Bad9Bad  %) Calculation Calculation  }% * Check Cell Check Cell  %????????? ???+ Comma,( Comma [0]-&Currency.. Currency [0]/Explanatory TextG5Explanatory Text % 0Good;Good  a%1 Heading 1G Heading 1 DTj%Dr2 Heading 2G Heading 2 DTj%?3 Heading 3G Heading 3 DTj%234 Heading 49 Heading 4 DTj% 5InputuInput ̙ ??v% 6 Linked CellK Linked Cell }% 7NeutralANeutral  e%3Normal % 8Noteb Note   9OutputwOutput  ???%????????? ???:$Percent ;Title1Title DTj% <TotalMTotal %DrDr= Warning Text? Warning Text %XTableStyleMedium2PivotStyleLight16`4iTrust QuestionsCyber Questions,8 Question 1JWhat is your organisation's IT spend in FY15/16 and projected for FY16/17?FY15/16FY16/17OverallCapital Revenue Question 2EDoes your organisation outsource any or all of its IT infrastructure?Yes/No<If yes, who is the main supplier or shared service provider?If no, please give details:Annual spend FY15/16Contract renewal datePercentage outsourcedDesktop management Networking Data centreMobile device managementServer management IT securityOther (please specify) Question 3IWhat elements of your IT infrastructure are managed by a cloud provider? Yes/No/specify Main supplier Data storageBack-up and archiveProcessing and compute capacityApplication databasesBig data analytics databasesEmail and collaboration Question 4QDoes your organisation plan to move to a cloud-based service in the next 2 years?YesNoNotes Question 5\What percentage of your servers are virtualised and what virtualisation platform do you use?Response/What percentage of your servers are virtualised)Virtualisation platform and main supplier Question 6/How does your organisation manage data storage? Please selectOn premise/Off premiseLocal departmental serversIn-house data centreOutsourced cloud providerOutsourced data centreShared service Question 7KHow many servers does your organisation have and are these owned or leased?Number of serversOwned or leasedAverage age of servers Question 8]Please specify your organisation's network suppliers, annual spend and contract renewal datesAnnual spend - FY15/16Fixed line telecomsMobile telecomsData network (broadband)WiFi (hardware)CoIN (if applicable)WANLAN Question 99Please outline the extent of your trust's WiFi coverage? #Percentage of organisation covered Community wide (e.g. CoIN)Enterprise wide (whole campus)Main building onlySections of building(s) only(Mobile phone signal enabled through WiFi*No wireless networks are used in the trust Question 102Does your organisation have a BYOD or CYOD policy?Bring Your Own Device (BYOD)Choose Your Own Device (CYOD) Question 11HWhat mobile device management (MDM) software does your organisation use?Main product and supplier SmartphonesLaptopsPCsTabletsOther (please specify): Question 12@Does your organisation have a mobile threat prevention solution?Product Question 13+What devices are used by your organisation?Number across organisationAverage age of product Question 14@What video/web conferencing software does your organisation use?(Main product (e.g. Skype, Jabber, Webex) Annual spend Question 15DWhat desktop operating system software is used by your organisation? Main product Question 16GWhat personal office productivity software is run by your organisation?Product and versionPLicencing model (e.g. cloud-based, enterprise-wide, concurrent-user, named user)Number of licences Question 17DDoes your organisation use NHSmail or a locally hosted email system?NHSmail(Locally-hosted (please specify provider)Both#Are you moving to NHSmail2 (Yes/no)c Does your organisation have a SIRO (senior information risk owner) responsible for cyber security?Job title of responsible personName of PersonJDoes your organisation have a board member responsible for cyber security?APlease provide the name of your organisation's Caldicott GuardianName Job titleNIs your organisation an 'Early Adopter' in the NHS Digital CareCERT programme?cHas your organisation had an on-site assessment as part of the NHS Digital CareCERT Assure service?Date of assessmentOHas your organisation undertaken penetrative testing in the last twelve months?4Does your organisation have ISO 27000 accreditation?Has your organisation suffered disruption of access to data and systems as a result of a cyber attack in the past twelve months?jDoes your organisation have the following solutions in place to protect and manage your IT infrastructure?SupplierFirewallData encryptionIncident reporting Web securityMobile threat prevention(Distributed denial of service protectionReal-time monitoring solution)Zero-day protection - threat intelligenceJDoes your organisation have a specialist security supplier and if so who?Does your organisation have a plan for how to implement the new General Data Protection Regulation (GDPR) that comes into force on 25 May 2018?N/AVMWare - InsightOnProact / NetApp150kO20 Cisco UCS servers hosting 300 Virtual servers and approx 40 physical serversOwned3 YearsProact / Computacenter120kBTVodafone Virgin MediaCisco290k136k1k20kV/A65kAirwatch2 yrsInsightHP Windows 7 Microsoft0kMS Office 2010 ProConcurrent UserMS Exchange 2010Under appraisalDirector of Finance Rob ForsterAs aboveAs Above Sanjay AryaMedical Director Section 36.Supplier disclosire could undermind protectionrServices will have risks identified for them in line with the penalties outlined in the EU-GDPR, they will be accountable to the organisation to ensure the risks are mitgated. The risks will require evidence of action, which will provide evidence for the Trust IG toolkit and all risks and actions will be audited by our external auditors before the EU-GDPR becomes law.173kE +F5GG{H4IJ}KoL=MDNNw P Q 6R S@UJV_X^XXYYcc PK![Content_Types].xmlN0EH-J@%ǎǢ|ș$زULTB l,3;rØJB+$G]7O٭VGR.e1a$n%N91G7Z(Lj$>{ҿQ>HjlIh촪b-{gv|g'=/:~E[7 r!7\&0;9$4 kas6r}SXi٬ kGAsPZxC}s7T A`?^R|{֯A)oViנt] f9dQ)/P yt),b-FO@)$zh QGpED 0\UF:W@?i i !SNy?yW޼W6Veda?~ǗH }˯S+.Lۯ_:w9:1c# $BĒ@v_#m' xg:J3F{; pOeXxJ=B5w%%WRُE!ED `)Ǝ}Nec2L>'^I& B ڲǨk|f#a[ ?2(v?B2r O/0epp<^ ø~Lױ䒜t!L䀝#/]1I"8EC&]cf~@^w?!rcH&"@7+̬aWʮ]N[->˜s4{A--FU+";V{IMGDX!; z+Q#O}i!T9g*}@&>itWYK w忋1ؗO-ؗ /-ݔym&Z3A`-X/DT]b+޴1$l~ڞ8vix܊uVg_J9jpۚZ%1Tݜu\w5}Wo/_2:^Ƈ㺗NV>N/S/٨ӎG{|ұ\S|$_4 *9}܉#en8#,Dz!%pbc6KO:UuVVd1^ q8),NrBn(ː0&I$Ae$} Fs+(,-~@- z!8|z]̏}ƴ"ZMn+{VM)u[}B^%UVLfQSwӰ٨];6  #76jt0xrQ CM_-[mvBv9h{4my&Oފv~-*pX A R7 aX zPXdW~Wt]xsKsc2eM\_WkŽ|@yިvQj׻R0J~W4h[ ;[aԨQQhK͠Vnkt_d #QΚPK! ѐ'theme/theme/_rels/themeManager.xml.relsM 0wooӺ&݈Э5 6?$Q ,.aic21h:qm@RN;d`o7gK(M&$R(.1r'JЊT8V"AȻHu}|$b{P8g/]QAsم(#L[PK-![Content_Types].xmlPK-!֧6 0_rels/.relsPK-!kytheme/theme/themeManager.xmlPK-!w')Ɉ theme/theme/theme1.xmlPK-! ѐ' theme/theme/_rels/themeManager.xml.relsPK]  g2  D}  dMbP?_*+%,&ffffff?'ffffff?(?)?M\\wlprdrpsin02\FollowYou347-D9  4dXXc4>xTr0 :;?(xQ,/дKKGұύ)vzμ7LCn6j"ޙ/ͻ1ϐ=ª{c>awOgGzh O74 sX$r!y&yR%cZe)@Dopw9zSo!Ik7ho:Kv|ьЮSIHGlaUC^zsEhsm[1i -Ir?ndk 4ƹ q[p|94-!ZHU#fVN M@afB[Ǻc2c3SEVYjk9g'#P}y|(( j^*mt6&lofa\j] +5ɖFpj# ؜su2!3Qy,2H^}Tp*հ.( b%CVydI4dH(KYlP&%|RT{28}v&U.Zh10eeBT_>x 0EdBn܉d&⿛snfɕt+#ѱ1 ? @ ABCCD> E")\ҍSUA DD"R%BMA DDCCCD> ElPAx\GACCCDH Ig7PoLLLMNNNNN >OCCCCCD P ? Q Q Q Q Q RBNNNN > E ~# u u u u u> E # u u u u u> E # u u u u u > E # u u u u u > E # u u u u u > E # u u u u u H I u u u u u u NNNNN  >SCCCCCD P ? Q Q Q R BD> E # u u u CD> E # u u u CD> E # u u u CD> E # u u u CD> E # u u u CD> E # u u u CD> E # u u u CDH I u u u uLMNNNNN HTLLLLLMNNNNN P U! Q" Q# Q R$BMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN H E # u u uLMNNNNN DNlJv@Jllllllb^^^^^^^h$lhhhhhh ; ! ; " g# ,$ ; % ; & g' ; ( ,) ; * ; + ; , ; - ; . g/ 0 ,1 ,2 X3 ; 4 ; 5 g6 ,7 ,8 ,9 ,: ,; ,< ,= ; > ; ? g H I u u u u LMNNNNN !HTLLLLLMNNNNN "P% "U& "R'"BLLLMNNNNN #H #E(~ #VT@#LLLLMNNNNN $H $I) $W$LLLLMNNNNN %HXLLLLLMNNNNN &P* &U+ &Q, &Q- &Q &Q &R &BNNNNN 'H 'Y. '# 'u 'u 'u 'u'ZNNNNN (H (E/ (" ( ( (~ (@@(MNNNNN )H )E0 )# )u )u )u )u)MNNNNN *H *E1 *# *u *u *u *u*MNNNNN +H +E2 +# +u +u +u +u+MNNNNN ,H ,I ,u ,u ,u ,u ,u,MNNNNN -[TLLLLLMNNNNN .P3 .?4 .Q' .R$.BLLMNNNNN /[ /E5~ /F@u@ //LLLMNNNNN 0\ 0E6 00GLLLMNNNNN 1[ 1E7 11GLLLMNNNNN 2[ 2E 22GLLLMNNNNN 3[ 3I 3u3KLLLMNNNNN 4>OCCCCCD 5P8 5U9 5] 5]: 5^ 5B_`6> 6E; 6 6~ 6@ 6CCD7> 7E< 7 7~ 7`@ 7CCD8> 8E= 8 8~ 8@@ 8CCD9> 9E> 9 9 9 9CCD:> :E? : : : :CCD;> ;a@ ; ;~ ;@ ;CCD<> <aA < < < <CCD=> =I =u =u =v =CCD>>OCCCCCD ?PB ??C ?Q ?RD?BCCDDl lh$HDD$xtttttt$TPDDDDVRRRRRRRR@ ,A ,B ,C ,D ,E ; F ; G gH ,I ; J ; K gL ,M ,N ,O ,P ; Q ; R gS  T ; U gV ,W ,X ,Y ; Z ; [ g\ ,] ,^ ,_ ; @> @EE @b# @c@CCCDA> AEF Ab"~ A?ACCCDB> BEG Bb# BcBCCCDC> CEH Cb# CcCCCCDD> DEI Db"~ D?DCCCDE> EIJ Ed EeECCCDF>OCCCCCD GPK G?L GR GBCCCDHf HEM Hc#Hg___`hhhhh I> IIN Iv#ICgCCDJ>iC__CCD KPO K?P KQQ KQ: KR KBCDL> LER L L L LCCDM> MES M M M MCCDN> NET N N N NCCDO> OEU O O~ O@@ OCCDP> PIV Pu P P PCCDQ>jCCCCCD RPW R?X RQ RRYRBCCD S>k Sl" S{SCCCDT>iCC__CD UPZ U?[ UQ\ UQ] UR UBCDV> VER~ VF V V{ VgCDW> WES~ WF@ W W{ WgCDX> XET~ XF@ X X{ XgCDY> YIU~ YJI@ Yu Yv YCCD Z>OCCCCCDhhhhh [P^ [U_ [Q' [R$[BCCD\> \E` \\GCCCD]> ]E ]]GCCCD^> ^Ea ^^GCCCD_> _I _u_KCCCDD lFFFFFF>D:VRRRRRJ<VRRRR$J:::` ; a gb ; c ; d ge ,f ,g ; h ; i gj ; k ,l ,m ,n ,o ,p,q,r,s,t,u,v,w,x,y,z,{,|,},~,`>SCCCCCD aPb a?c aQd aQ aQa aR aBD b>m bu bu bu bv bCDc>OCCCCCD dPe dnf dR'dBCCCDe> eEg eceCCCCDf> fEh fcfCCCCDg> gIi~ ge@gCCCCDh>SCCCCCD iPj i?k iQl iQm iQn iRo ioD j>m j" j ju" jv jCDk>OCCCCCD l>Sppppppqqqqq m>SCCCCCDn>rCCCCCDo>OCCCCCDp>OCCCCCDq>OCCCCCDr>OCCCCCDs>OCCCCCDt>OCCCCCDu>OCCCCCDv>OCCCCCDw>OCCCCCDx>OCCCCCDy>OCCCCCDz>OCCCCCD{>OCCCCCD|>OCCCCCD}>OCCCCCD~>OCCggggB$XbT>:::bT$>@CB Sheet1ggD g2 'ͬݶA  dMbP?_*+%,&ffffff?'ffffff?(?)?",333333?333333?q&<3U} } } } $} 'g, ; g, ; ;, ;  ; ,  ;  ; , ; ;, ; ;, ; ;, ; ;BBBBBBB P ?p Q Qq Rr st HI u" u v wwqN P ?s Q Qq Rr st HI u" u v wwqN P ?t Qu Rv stt HI u v wwwqq NN P ?w R  sttt HI v# wwww q NN P% ?x Q Ry stt HI u# vwwwqq NN P* ?z Q Q$ stt HI u#vwwwq NN P3 ?{ Q R$ stt HI u#vwwwq NN P8 ?| Q R$ stt HI u#vwwwqN xB ?} Q Q~ R$ xNq y z" z {Nq y z" z cNq y z" z Nq y z" z Nq y z" z Nq y z" z Nq y z" z ND lTFTFH:"<.H."H.H.H.TLLLLLL M !, ",#M $, %,&   q | }" }  N!q!N "PK "? "Q "Q~ "R$ "st #HI #u #u # #ww$q$N %PO %? %Q %R$ %stt &HI &u" & &wwwxLTFH>@&&& Sheet2ggD Oh+'0@Hd Suzanne ArmengolGriffiths PamelaMicrosoft Excel@[Mq6w@sS)՜.+,0HP X`hp x  Trust QuestionsCyber Questions  Worksheets  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\^_`abcdfghijklRoot Entry FSi)WorkbookSummaryInformation(]DocumentSummaryInformation8e