Devices deployed in Social Security Scotland and plans to procure a number of named services: FOI release

Information requested

Information relating to the number of devices deployed in Social Security Scotland and plans to procure a number of named services.

You provided a table requesting this information relating to specific devices and services and this has been reproduced in our response.

Response

Response to question 1: Information has been included within the attached questionnaire.

Response to question 2: While our aim is to provide information whenever possible, in this instance Social Security Scotland does not have some of the information you have requested. This is because we do not use the applications listed on the questionnaire.

This is a formal notice under section 17(1) of FOISA that Social Security Scotland does not have some of the information you have requested.

Some of the information you have requested is available from Public Contracts Scotland. Under section 25(1) of FOISA, we do not have to give you information which is already reasonably accessible to you. If, however, you do not have internet access to obtain this information from the website listed, then please contact me again and I will send you a paper copy.

Response to question 3: While our aim is to provide information whenever possible, in this instance Social Security Scotland does not have some of the information you have requested. The budget for 2025-2026 has yet to be confirmed.

This is a formal notice under section 17(1) of FOISA that Social Security Scotland does not have the information you have requested.

Response to question 4:

An exemption under section 30(c) of FOISA (prejudice to effective conduct of public affairs) applies to some of the information requested. Disclosing this information would substantially prejudice the Government’s ability to prevent fraudulent activity. This would constitute substantial prejudice to the effective conduct of public affairs in terms of the exemption.

Established fraud risk management theory maintains that a threat actor’s decision to commit fraud is informed by their assessment of three main factors: motivation, rationalisation and opportunity.

The assessment of a threat actor’s opportunity relates to the perceived ease of achieving success balanced against the risk of detection and severity of punishment. Increased opportunity to exploit vulnerabilities, and/or decreased risk of detection and punishment (or simply a perception of this) will have directly aggravating impacts on our fraud risk profile – increasing the number of threat actors who would seek to test our defences which could in turn undermine the effectiveness of our fraud response due to those increased volumes of attacks.

This exemption is subject to the 'public interest test'. Therefore, taking account of all the circumstances of this case, we have considered if the public interest in disclosing the information outweighs the public interest in applying the exemption. We have found that, on balance, the public interest lies in favour of upholding the exemption. We recognise that there is a public interest in disclosing information as part of open, transparent and accountable government, and to inform public debate. However, there is a greater public interest in maintaining the Agency’s ability to prevent fraudulent activity and thus protecting the public purse.

About FOI

The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.

FOI 202400429254 - Information released - Annex

File type

1 page PDF

File size

64.8 kB