Security

The National Academy for Educational Leadership Wales (Leadership Academy) manages information security to ensure that information assets are properly protected against a variety of threats such as error, fraud, sabotage, terrorism, extortion, industrial espionage, privacy violation, service interruption, theft and natural disaster, whether internal or external, deliberate or accidental.

The Leadership Academy complies with appropriate legislation, Welsh Government policy and best practice guidelines issued by the National Cyber Security Centre (NCSC). The Leadership Academy also has third party assurance of our information security systems via the Cyber Essentials Plus certification.

The Leadership Academy has a duty to preserve, improve and account for all information and information systems. A Board member and Chair of Audit and Risk Assessment Committee has been appointed as the Senior Information Risk Owner (SIRO) and the Chief Executive Data Protection Officer (DPO).

Information is a corporate asset, and the records of the Leadership Academy are important sources of administrative, evidential and historical information. They are vital to the organisation in its current and future activities and for the purposes of accountability.

The Leadership Academy will create, use, manage and destroy or preserve those records in accordance with all statutory requirements.

The Leadership Academy website (nael.cymru) is hosted by DesignDough who use high performance dedicated web servers hosted by first class HPC’s, such as DigitalOcean.