Recommendation 27

We asked MoJ whether the public could have confidence that data stored across MoJ’s systems is safe, following the attack. MoJ stated that it has comprehensively reviewed all of its systems to understand where vulnerabilities lie. It stated that its review had given it a better understanding of where the risks in its systems are and explained that a transformation programme is now in place to update systems and make them less vulnerable. It acknowledged, however, that there are huge costs associated with improving systems and that addressing the risks identified will be dependent on its decisions on how to allocate its Spending Review settlement across the business. It gave the same response, when we asked whether it planned to accelerate the transformation programme in light of the attack on LAA’s systems.52 50 Q 71 51 Qq 77, 88 52 Qq 81-86, 89 16