Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
Biometric Standards and Exchange Requirements for Home Office Partners and their Suppliers v3.04
The purpose of this document is to provide details of the biometric interchange and image standards that must be adhered to by Partner1 organisations and their Suppliers that need to communicate with the back end biometric matching systems governed by the Home Office Biometrics (HOB) programme. (Note that the current HOB systems covered in this document are the HOB Biometric Services Gateway (BSG), Home Office “Immigration and Asylum Biometric System” (IABS) and national police fingerprint system, “IDENT1”.)
The document is divided into five parts as follows:
1) The Home Office biometric exchange format – “HONE-1”
2) Biometric recording and image standards, mandatory
3) Biometric recording and image standards, conditional
4) Biographic data, general
5) Appendices
Open Referral UK Standards
Open Referral UK is an open data standard in use by Local Government. This standard establishes a consistent way of publishing and describing information for councils, to ensure the data is effectively used and shared for the benefit of local communities and services (https://www.localdigital.gov.uk/)
Cloud Enablement
Project to identify and provide support to forces as they transition capabilities from legacy on-premises systems to cloud technologies.
For further information, please use the 'Contact Us' tab, to get in touch with the relevant authoring team.
ISO 17020:2012 Requirements for the operation of various types of bodies performing inspection (Crime Scene Investigation)
ISO 17020:2012 specifies requirements for the competence of bodies (including police forces) performing inspection and for the impartiality and consistency of their inspection activities, this specifically relates to forensic practitioners conducting examinations at scenes of crime.
Data Protection Manual
This manual has been produced by the NPCC Data Protection, Freedom of Information, information Sharing and Disclosure Portfolio Group on behalf of the NPCC. It is updated and adapted to reflect decisions made by the NPCC, views of the Information Commissioner’s Office (ICO) (where appropriate) and the evolution of the legislation as it is interpreted, challenged or reviewed.
Note that this manual has not yet been updated to reflect the legislative changes arising from The Data Protection, Privacy and Electronic Communications (Amendments etc)(EU Exit) Regulations 2019 as amended by The Data Protection, Privacy and Electronic Communications (Amendments etc)(EU Exit) Regulations 2020.
The manual should be regarded as a document that both helps to create an environment across the police service in which compliance can be achieved, and as a means of providing guidance in areas of police business where the Act is regularly applied.
The manual contains a wide variety of information including:
- Breakdown of governance and responsibilities
- Definitions
- General processing (GDPR & DPA Part 2)
- Comparison between General Processing and Law Enforcement obligations
- Law Enforcement processing (Part 3 of DPA)
- Intelligence Service processing (Part 4 of DPA)
- Assessing data protection compliance
- The Commisioner, enforcement & offences
- Case studies
- Wide variety of appendices including
- Template DPIA
- Template National data processing contract
- Template information sharing agreement
- Template Data Protection policy
Digital Investigation & Intelligence APP
The digital policing learning programme was created to for officers and staff to update their knowledge regarding digital intelligence and investigation. The programme helps explains the use and misuse of devices and applications and how they appear in the policing world.
The programme’s aim is to ensure that all staff are:
-
confident facing situations where there is a digital element
-
competent in identifying and carrying out the actions required by those circumstances
-
able to ensure they are compliant in their actions.
The Digital Intelligence and Investigation project will deliver learning and knowledge resources that will ensure that all new and serving officers acquire the digital skills they need to undertake investigations effectively.
Mobilisation APP
With the Police responding to critical and complex incidents, sometimes these incidents may require resources that go beyond the capacity and capability of the Police force. Some of these incidents may require the need of other partner agencies, other specialist skillsets and equipment and thus would need to be effectively managed and coordinated. Mobilisation is the process which supports mutual aid, at the local, regional or national level.
The National Police Coordination Centre (NPoCC) is responsible for the mobilisation of police assets, including general policing, operations and crime business areas. A lead force will be responsible for resourcing nationally-led crime enquiries. NPoCC should be the initial point of contact for any mobilisation requirements as it can provide advice and national coordination.
It is important to note that this a challenging area of work, particularly when the length of the investigation is unknown and mobilising crime assets is a new and emerging business field (mutual aid) for the Police service.
ISS4PS Annexes Volume 2
This document was retired in July 2021
The Information Systems Strategy for the Police Service (ISS4PS) is an overarching strategy for Information and Communications Technology (ICT) and Information Systems (IS) for the Police service across the whole of England and Wales. Volume 2 Annexes helps to define and establish a list of standards and should be used a requirements for new developments within the Police Service.
Annex contains guidelines and actions points for:
1. Establishing ISS4PS standards information base (SIB)
2. Actions and guidance for IT Directors
3. ISS4PS compliance to the architectural principles
4. Guidelines for National Programmes focusing on 3 critical ISS4PS policies (Establishing Foundations, Delivering Joined-up Services and Delivering National Initiatives)
5. Criteria's for corporate and national solutions developed or procured by the Police Force
6. Summary of Principles and actions defined in 'Implementing ISS4PS Volume 2'
ISO/IEC 27003:2017 Information Technology — Security techniques — Information Security Management Systems — Guidance
ISO (the International Organisation for Standardisation) and IEC (the International Electrotechnical Commission) form the specialised system for worldwide standardisation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organisation to deal with particular fields of technical activity. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
This document was created to provide guidance on the requirements for an information security management system (ISMS) and provides recommendations, possibilities and permissions.
The following areas are very important for ISMS:
-
understanding the organisation’s needs and the necessity for establishing information security policy and information security objectives;
-
assessing the organisation's risks related to information security;
-
monitoring and reviewing the performance and effectiveness of the ISMS
-
practising continual improvement
The ISMS also has key components such as policies, defined responsibilities, documentation and management processes pertaining to policy establishment, planning, implementation, operation, performance assessment, management review and improvement.
ISO 90011:2018 Guidelines for Auditing Management Systems
This document informs the creation of auditing systems.
With many organisations now wanting to combine a number of management systems into one, there has been awareness to also combine auditing capabilities into one for these management systems. As a result the international standard BS EN ISO: 19011:2011 has created this standard to provide organisations the knowledge for auditing modern management systems, the principles and guidance to ensuring they deliver a high standard of auditing capabilities and that organisations do not fail which could have damaging effects such as losing out on contracts, certifications, and operational efficiency.
Organisations can save vast amount of time, money and resources, by applying a single approach to multiple management systems by streamlining their auditing processes and removing duplication of effort.
This document shed insights into planning, decision-making and evaluating audits.
The standard includes (but not limited to:
-
Scope
-
Principles of Auditing
-
Managing an audit programme
-
Establishing the Audit programme
-
Implementing the audit programme
-
Monitoring an audit programme
-
Reviewing and improving the audit programme
-
Conducting audit activities
-
Preparing audit report
-
Conducting audit evaluation
-
And much more
Fee applies of £254.00 (members price: £127.00) for accessing the standard.
Showing 101 to 110 of 241 entries.