FOI 67-25 FOI 60-25: Information in regards to the number of IT equipment deployed to the organisation

Information Standards Freedom of Information Response

27 November 2025

Our Ref: FOI 67-25

Freedom of Information Act 2000

 

I am writing to confirm that the Northern Ireland Assembly Commission (Assembly Commission) has processed your request dated 30 October 2025 in line with the Freedom of Information Act 2000 (FOIA). Your request was as follows—

“Q1. Can you please list the number of devices deployed by your organisation for the following by Device Type and the Number of Devices?

a)    Desktop PCs         

b)    Laptops      

c)    Mobile Phones      

d)    Printers       

e)    Multi-Functional Devices (MFDs)        

f)     Tablets        

g)    Physical Servers   

h)    Storage Devices (for example: NAS, SAN)   

i)      Networking Infrastructure (for example: Switches, Routers, Interfaces, Wireless Access Points)     

j)      Security Infrastructure (for example: Firewalls, Intrusion Detection Systems (IDS), Virus Monitoring Tools)

 

Q2. Does your organisation have plans to procure any of the below services, if yes then please provide information
in the below format?

a)    Cloud Computing

b)    Software as a service (SaaS)

c)    Platform as a service (Paas)

d)    Infrastructure as a service (Iaas)

e)    Anything as a service (Xaas)

 

Q3. Does your organisation have any plans to procure the below services,

if yes then please provide required

a)    Network Security

b)    Cloud Security

c)    Endpoint Security

d)    Mobile Security

e)    IoT Security

f)     Application Security

 

Q4. Does your organisation have any plans to procure below services, if yes then please provide information in the below format?

a)    Data and Analytics

b)    AI and Automation

c)    Digital Transformation

d)    ERP Systems

 

Q5. Has your organisation implemented any form of AI or automation services, and if not, what is the reason for not implementing? Example:

a)    Implemented

b)    Minor implementation with completed AI strategy

c)    Plans to develop implementation

d)    Due to legacy systems


Our response

Q1. The Assembly Commission holds information in relation to your request, which has been outlined in Appendix A.

Q 2-5(b,d). The Assembly Commission considers that the information relevant to this part of your request is exempt from disclosure under section 43(2) of the FOIA on the grounds that it is commercially sensitive. This section provides as follows—

‘(2) Information is exempt information if its disclosure under this Act would, or would be likely to, prejudice the commercial interests of any person (including the public authority holding it)’.

Section 43(2) of the FOIA 2000 is a qualified exemption and the Assembly Commission has accordingly considered whether the public interest in maintaining the exemption outweighs that in providing the information.

The Assembly Commission notes the following factors relevant to maintaining the exemption—

I.          There is a significant public interest in private companies, including SMEs, being able to compete for public contracts on a level playing field, and disclosure of the withheld information would prejudice the ability to compete, and undermine that public interest.

II.          It is more likely than not that disclosure of the information sought at Q2-5 (b,d) would lead to costs for goods and services provided to the Assembly Commission being used as a benchmark for future person’s bids to supply goods and services to the Assembly Commission.  This is likely to result in higher procurement costs. It would erode any commercial advantage the Assembly Commission has in such negotiations, have a negative effect on value for money procurements, and impact negatively on the public purse.

III.         While there is a significant public interest in ensuring proper scrutiny of the Assembly Commission’s use of public money, this can be achieved in a manner which is less likely to prejudice the commercial position of the Assembly Commission and third parties – via scrutiny of the Assembly Commission’s budget by the Assembly’s Audit Committee, audit of the Assembly Commission’s financial statements by the Northern Ireland Audit Office and compliance with public procurement legislation, including publication of contract awards.  

The Assembly Commission notes the following factor relevant to disclosing the information—

There is a significant public interest in ensuring proper scrutiny of the Assembly Commission’s use of public money and the manner in which it carries out public procurements.

In this case, the Assembly Commission has determined that the public interest in maintaining the exemption outweighs the public interest in disclosure.

Q 5(a) The Assembly Commission uses basic Azure AI services.

Q 5(c) The Assembly Commission’s plans are focused on exploratory prototyping to assess the capabilities, maturity, and potential applicability of these technologies. This work has been focused on understanding use-cases, identifying potential benefits, and ensuring alignment with our governance, security, and data protection requirements. No information is held on future adoption.  Any such adoption will take place in accordance with Assembly Commission  internal assurance processes.

 

Further Information

You may request an internal review of this decision by the Assembly Commission.  If you wish to request such a review, please write to me at the above address.  If, after that review, you are dissatisfied with the way in which the Assembly Commission has handled your request for information, you may complain to the Information Commissioner’s Office (ICO) at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Your request for information and our response may be published in the disclosure log maintained by the Assembly Commission under a publication scheme agreed with the ICO. The request and our response will be anonymised.

 

Yours sincerely

INFORMATION STANDARDS

 

Appendix A

Q1. Can you please list the number of devices deployed by your organisation for the following by Device Type and the Number of Devices?

 

  • Desktop PCs         
  • Laptops      
  • Mobile Phones      
  • Printers       
  • Multi-Functional Devices (MFDs)        
  • Tablets        
  • Physical Servers   
  • Storage Devices (for example: NAS, SAN)   
  • Networking Infrastructure (for example: Switches, Routers, Interfaces, Wireless Access Points)     
  • Security Infrastructure (for example: Firewalls, Intrusion Detection Systems (IDS), Virus Monitoring Tools)

Device Type

 

Number of Devices

 

Desktop PCs

666

Laptops

98

Mobile Phones

130

Printers

0

Multi-Functional Devices (MFDs)

157

Tablets

196

Physical Servers

32

Storage Devices (for example: NAS, SAN)

0

Networking Infrastructure (for example: Switches, Routers, Interfaces, Wireless Access Points)

248

Security Infrastructure (for example: Firewalls, Intrusion Detection Systems (IDS), Virus Monitoring Tools)

8