Information Security: Dealing with Auditing Questions
Only disclose information to those people who are authorised to know and receive it and you should be familiar with HMRC’s policy on Disclosing Information. Our aim is to ensure that only people with a business need and the necessary authority have access to our information.
Because Shared Workspace is an online service, allowing access to customer information, it is essential that all online activities are recorded for audit purposes. The information recorded enables HMRC to identify when members logged in and the activities in which they were engaged which allows for identification of any fraud and system misuse.
Reports are only taken from the audit records:
- where requested by HMRC Investigators to provide evidence for enquiries into alleged system misuse or fraud
- to assist HMRC when investigating a system fault
Reports are not available for HMRC Management Information purposes or for Customer Organisations.