Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the potential impact of major broadband providers not having internal audit functions on (a) risk management and (b) cybersecurity governance .

The Government keeps the financial health of the market under close review and Ofcom have powers to request financial information from providers. The Telecommunications Security Code of Practice provides guidance on how communications providers can meet statutory requirements to secure their networks and services. These include requirements on auditing, governance and board responsibilities. Ofcom monitor and enforce compliance with these requirements. Following detailed engagement with the National Cyber Security Centre (NCSC), Ofcom and communications providers, the Government have launched a public consultation on proposed updates to the Code, which is open until 22 October.