Report a security incident

If a security incident takes place, it's important that it's reported as soon as possible. This page lets you know what could count as an incident and tells you the best way to report one.


If you become aware of a security or confidentiality problem, or if an incident has occurred, you must immediately report it via Service Desk Online (opens in a new window).

Incidents include:

  • password disclosure
  • loss / theft / disclosure of confidential or sensitive electronic data / emails
  • loss / theft / disclosure of confidential or sensitive written data / faxes / photocopies
  • virus warnings / alerts on your PC
  • loss / theft of equipment such as laptops, USBs, DVDs or external hard drives
  • loss of corporate ID badge
  • finding sensitive / confidential information.

Security incidents can also be reported by phoning the Transformation Service's helpdesk internally on ext: 37777

Report a potential risk to data security or confidentiality

If you become aware of something that you think could be a potential risk to security or confidentiality, you must immediately report it via Service Desk Online (opens in a new window).

Potential risks include:

  • doors propped open
  • delivery vans unattended with doors open
  • screens sited near windows or where they can be overlooked
  • calendars left on walls
  • trees obscuring CCTV cameras
  • documents left in printers, scanners or fax machines.

Related documents

The following documents are in Portable Document Format (PDF). You can download software to view PDF documents for free from the Adobe website (opens in a new window)