FOI/202100177952 · FOI · unclear

Criteria used in the Scottish Government’s vulnerability disclosure policy: FOI release

Published: 2021-04-15
Received: 2021-03-17
Responded: 2021-03-23
Directorate: Digital Directorate
Topic: Public sector, Work and skills
Exemptions: None detected

Information requested

What criteria is used to determine “good faith” security research, as outlined in the Scottish Government’s Vulnerability Disclosure Policy.

Response

The answer to your question is, in the context of the Vulnerability Disclosure Policy, ‘good faith’ is assessed by the ethics shown by the researcher in respect of actions carried out to probe vulnerabilities. Specifically the intent to disclose the vulnerability to the Scottish Government as soon as possible, and not to disclose it elsewhere or exploit it in any way. About FOI The Scottish Government is committed to publishing all information released in response to Freedom of Information requests. View all FOI responses at http://www.gov.scot/foi-responses.

Contact Please quote the FOI reference Central Enquiry Unit Email: ceu@gov.scot Phone: 0300 244 4000 The Scottish Government St Andrews House Regent Road Edinburgh EH1 3DG

Attachments

No attachments found.

Similar releases

Job vacancies and feedback for unsuccessful candidates in recruitment processes: FOI release 2026-05-15 · not held · 2 files
Compliance Metrics and quality assurance processes for FOI case management and documentation in 2025: FOI release 2026-05-15 · unclear · 2 files
Correspondence involving Special Advisers which relates to FOI requests concerning the Scottish Government’s bond programme: FOI release 2026-05-15 · partially withheld · 2 files
Scottish Public Pensions Agency - Organisational structure for Business Transformation: FOI release 2026-05-14 · unclear · 0 files
Perth and Kinross broadband queries: FOI release 2026-05-14 · not held · 0 files
First Minister's Shetland Isles visit information: FOI release 2026-05-14 · unclear · 2 files
Health Board funding, NHS Resource Allocation Committee comparison, and additional allocations: FOI release 2026-05-14 · released · 2 files
Accountancy in Bankruptcy - Software based data destruction queries: FOI release 2026-05-14 · unclear · 0 files