SW03210 - Information Security: Dealing with Auditing Questions

Only disclose information to those people who are authorised to know and receive it and you should be familiar with HMRC’s policy on Disclosing Information. Our aim is to ensure that only people with a business need and the necessary authority have access to our information.

Because Shared Workspace is an online service, allowing access to customer information, it is essential that all online activities are recorded for audit purposes. The information recorded enables HMRC to identify when members logged in and the activities in which they were engaged which allows for identification of any fraud and system misuse.

Note, information within Shared Workspace is protected by the Data Protection Act SW03250 and Freedom of Information Act SW03255.

Audit Reports

Reports are only taken from the audit records:

  • where requested by HMRC Investigators to provide evidence for enquiries into alleged system misuse or fraud
  • to assist HMRC when investigating a system fault

Reports are not available for HMRC Management Information purposes or for Customer Organisations.