Search - National Standard Microsite

to add a new content

Status describes what stage of the lifecycle a standard is at:

Draft - This National Standard workstream is resourced, has clear outputs and is actively in development
Review - The National Standards Assurance Board are currently reviewing this National Standard
Consensus - The category community are now being encouraged to review and give feedback on this National Standard
Live - This National Standard has been through the established process and is now live, being reviewed at least annually
Retired - This National Standard has been retired and is present for historical reference only

National Standards can be classified based on whether they are conceptual, rule based or value based:

Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.

National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.

4Pol Criteria:

Support minimum legal requirements where they exist
Align with the National Policing Digital Strategy to ensure strategic alignment and design
Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
Direct relevance and applicability to policing
Represent best practice
Able to be measured and achieved within the unique landscape of policing

National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.

Internally Amended / Developed

National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:

Analytics - Digital systems capable of creating actionable information from structured or unstructured data
Asset Management - The way in which IT assets are acquired, used and disposed of
Incident, Crime and Records Management Systems
Digital systems used to manage policing and corporate records
Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
Data - Information held in a structured or unstructured digital format
Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
Digital Media - Media stored in an electronic format from any source
Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
Justice - Systems, technologies and methodologies used within the Criminal Justice System
Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
Operational Policing - Specialist operational policing functions
Security - The technology and methodology used in the protection of digital assets and services

Tags are assigned to National Standards to help users find grouped / related documentation

Privileged Access Management Standard

This standard defines the requirements and best practice for privileged access management which should be adopted to manage elevated access consistently and securely across national policing IT systems.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/05/2024

Authoring body: Police Digital Service (PDS)

Principles

Identity & Access Management Standard annual review

This standard defines the requirements which, when applied, will define identity and access management
standards to national policing IT systems. Areas considered include account management, access control
mechanism, privilege access, account provisioning, account review, access suspension and termination,
guest accounts, third party access and audit requirements.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable
reference for community members, notably those who build and implement IT systems on behalf of
national policing.
This standard also relates to other PDS standards such as passwords, system access, PAM, vetting, which
the audience should also consider

Published 01/05/2023

Authoring body: Police Digital Service (PDS)

Standards

National Policing Community Security Principles v1.2

Principles are general rules and guidelines, intended to be enduring and seldom amended, that inform and support and prioritise the way in which National Policing decides which ideas, initiatives and/or opportunities are to be progressed (and warrant investment) and those that are not. These principles are a fundamental part of the National Policing Community Security Policy Framework and provide a foundation upon which a more consistent and structured approach to the design, development, and implementation of information security capabilities can be assembled. The primary focus of these principles is to provide the starting point for, setting the policy, standards and control objectives, which support the Community Security Policy Framework. The audience, scope, objectives, and governance for these principles are defined by the National Policing Community Security Policy Framework, which can be found on Knowledge Hub. For clarity these principles are approved by the Police Information Assurance Board (PIAB) and apply to all members of the ‘Community of Trust’ as defined by the National Policing Community Security Policy Framework, and any suppliers and partners that have access to, store and/or process Police information, to provide services to Policing.

Published 09/02/2023

Authoring body: Police Digital Service (PDS)

Principles

National Policing Community Security Policy v1.0

National Policing will maintain public trust by securing our data and by applying a consistent, proportional approach to technology risk across policing. The Community Security Policy (CSP) is an integral part of the Community Security Policy Framework and combined with Community Security Principles and the supporting standards, control objectives and other supporting documentation will help policing maintain public trust in its management of information assets. This Policy should be read in conjunction with the National Policing Community Security Policy (CSP) Framework, and Community Security Principles with which this policy is aligned. The audience, scope, objectives, governance and exception process for this policy are defined by the National Policing Community Security Policy Framework, which can be found in Knowledge Hub. For clarity this policy has been approved by the Police Information Assurance Board (PIAB) and applies to all members of the ‘Community of Trust’ as defined by the National Policing Community Security Policy Framework, and any suppliers and partners that have access to, store and/or process Police information, to provide services to Policing. This policy has taken into consideration and is aligned with industry best practice, which includes ISO/IEC 27002:2022, CIS Controls v8 (Center for Information Security), NIST Cyber Security Framework, CSA Cloud Controls Matrix v4 (Cloud Security Alliance) and NCSC 10 Steps to Cyber Security.

Published 26/10/2022

Authoring body: Police Digital Service (PDS)

Policy

System Development Standard

This standard outlines the functions within the Secure By Design (SbD) process, aligned to project stages, to ensure a consistent approach to cyber security is achieved throughout a system’s development. The purpose of this standard is to define an approach to ensure that all products / solutions are assured in a repeatable, structured and consistent way. This will enable security controls to be designed into solutions at an early stage, ensuring the secure delivery of solutions across policing, whilst identifying and managing risk to within risk appetite.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/09/2023

Authoring body: Police Digital Service (PDS)

Standards

Cryptography Standard v 1.0

The purpose of this standard is to establish a set of cryptographic algorithms and protocols for use in specific applications for the transmission and storage of Police Data up to the classification of OFFICIAL. The requirements are the minimum acceptable levels of encryption and are aligned to the NIST and NCSC frameworks and are applicable to cloud environment, on premises environments and the data networks that interconnect them.

Published 25/05/2023

Authoring body: The Police Digital Service (PDS)

Standards

System Access Standard

This standard defines the requirements which, when applied, will prevent unauthorised access to national policing IT systems. Areas considered include account management, access control mechanisms e.g. biometrics and customer access.

This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

This standard also relates to other PDS standards passwords and IAM, which the audience should also consider.

Published 02/04/2023

Authoring body: Police Digital Service

Standards

National Digital Case File Standards

The Digital Case File national programme has established standards for how a case file is built and sent to the Crown Prosecution Service through collaboration with suppliers and police forces.

This programme works with a number of organisations, such as the CPS, law enforcement agencies and suppliers to produce a set of standards, which suppliers can then use to produce compatible solutions, allowing law enforcement agencies to send case files digitally to CPS . This is the national standard required for any technical digital case file solution.

This DCF programme is being implemented in police forces now and the attached documents liable to be updated as it progresses.

The National Standards Assurance Board notes that the branding is CGI on the standards as this is reflective of their work in writing them, but this has been in partnership with policing who own and continue to contribute towards them.

Published 14/06/2024

Authoring body: The Police Digital Service

Standards

OVERSEAS IT ACCESS GUIDELINES

This guidance describes best practice risk management controls for accessing Policing ICT resources whilst abroad. It also describes the circumstances when forces can make a local decision or when referral to NSIRO is required when use abroad is required.

Published 02/04/2023

Authoring body: Police Digital Service

Guidance

NCSP Passwords standard V1.1

This Standard supports the principles set out in the National CSP, providing detailed guidance to those implementing and managing PDS & policing systems. This Standard applies to all passwords created for use on PDS & policing systems, including those for user-level accounts, system-level accounts, and any device-specific passwords.

Published 01/04/2024

Authoring body: Police Digital Service

Standards

Showing 91 to 100 of 261 entries.

Previous Page
Page1
Intermediate Pages
- Page2
- Page3
- Page4
- Page5
- Page6
- Page7
- Page8
Page9
Page10
Page11
Intermediate Pages
- Page12
- Page13
- Page14
- Page15
- Page16
- Page17
- Page18
- Page19
- Page20
- Page21
- Page22
- Page23
- Page24
- Page25
- Page26
Page27
Next Page