Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, whether she has made an assessment of the potential merits of including guidance on the role of internal audit in providing independent assurance on telecommunications security risks, in the context of the review of the Telecommunications Security Code of Practice.

The Government keeps the financial health of the market under close review and Ofcom have powers to request financial information from providers. The Telecommunications Security Code of Practice provides guidance on how communications providers can meet statutory requirements to secure their networks and services. These include requirements on auditing, governance and board responsibilities. Ofcom monitor and enforce compliance with these requirements. Following detailed engagement with the National Cyber Security Centre (NCSC), Ofcom and communications providers, the Government have launched a public consultation on proposed updates to the Code, which is open until 22 October.