Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
ISO/IEC 27034-2:2015 IT Security techniques - Application Security - Part 2: Organisation Normative Framework
This document provides a framework for application security.
ISO (the International Organisation for Standardisation) and IEC (the International Electrotechnical Commission) form the specialised system for worldwide standardisation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organisation to deal with particular fields of technical activity. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
There is an ever increasing need for businesses to focus on protecting their information and technological infrastructures and Organisations must do this in order to stay in business. ISO/IEC 27034 provides concepts, principles, frameworks, components and processes to assist organisations in integrating security seamlessly throughout the life cycle of their applications. When an organisation uses a systematic approach for improving application security, it provides the organisation evidence and confidence that information being used and held in its application is being adequately protected. This part of ISO/IEC 27034 defines the processes required to manage the security of applications in the organisation.
The Organisation Normative Framework (ONF) is a key component for application security and provides a framework for best practises. It is the foundation of application security in the organisation. All organisations should base their decision regarding application security on this framework.
Therefore the purpose of this part of ISO/IEC 27034 is to assist organisations to create, maintain and validate their own ONF in compliance with the requirements of this International Standard.
Intended audience are managers, domain experts, auditors, ONF committee.
Bluetooth General Guidance (v1.1)
Guidance on the risk-based approach to using Bluetooth enabled technology within the policing environment, including examples. This guide does not cover all use cases and for advice on exemptions for specific use cases, the NPIRMT team should be approached to provide a bespoke risk assessment.
National Digital and Physical Evidence Retention Guidance
This document seeks to provide clarity and national guidance on the retention of both physical and digital evidence in order to provide policing with a framework to support a comprehensive physical and digital storage strategy.
There are a vast number of legislative sources to help determine how to manage and retain evidence, further compounded by confusion around records managed under Management of Police Information (MoPI) and physical evidence principally managed under the Criminal Procedure and Investigations Act (CPIA) and Police and Criminal Evidence Act (PACE). This document seeks to provide clarity on the difference between these two distinct areas of business as well as provide more general guidance.
Government Digital Service Standard
The GDS Service Standard provides 14 principles for all Government teams to use when creating public services.
Video surveillance systems for use in security applications BS 62676
This document has been written by subject matter experts, together with many governmental organisations, test houses and equipment manufacturers to defined a common framework for video surveillance transmission in order to achieve interoperability between products.
The 62676 series is divided into 4 independent parts:
Part 1: System requirements (with 2 sub-parts: General and Performance requirements)
Part 2: Video transmission protocols
Part 3: Analog and digital video interfaces
Part 4: Application guidelines
This standard is intended to assist Video Surveillance System suppliers, users (including law enforcement), integrators and other interested parties achieve a complete and accurate specification of the surveillance system. This standard standard does not specify the type of technology required for a certain observation task.
[Note that this document, despite being authored in 2014, has been reviewed by subject matter experts in April 2021 and deemed to still represent good practice and relevancy]
UKAS Guidance on the Application of ISO/IEC 17025 Dealing with Expressions of Opinions and Interpretations 2017
Laboratories within the UK who wish to demonstrate that they operate to a quality system, are technically competent and are able to generate technically valid results must now meet the ISO/IEC 17025 requirements. This has now become the standard that UKAS now to assess a laboratory’s competence for the purposes of accreditation.
The purpose of this document is to set down United Kingdom Accreditation Service (UKAS) policy, process and guidance on assessment and accreditation of laboratories
The difference in this policy set out is that laboratories UKAS policy that laboratory accreditation to ISO/IEC 17025 can now include the expression of opinions and interpretation of test/calibration results in reports as it is considered to be an inherent part of testing. Whereas before this was not permitted.
The laboratory’s documented quality system must reflect whether it is expressing opinions and interpretations and if so, for which activities. The process of interpreting test/calibration results for the purpose of expressing opinions and interpretations must be documented.
Guidance on Automatic Number Plate Recognition (ANPR) Performance, Assessment and Optimisation
This guidance document suggests how to set up, maintain, monitor and maximise the performance of an ANPR system. It is written for law enforcement ANPR operatives and commercial installers on behalf of the National ANPR Strategy Board. It applies to ANPR systems that are part of the National ANPR Infrastructure (NAI) and may feed data into the National ANPR System (NAS).
Users should also consider the Data protection Act 2018 and Surveillance Camera Code of Practice when using this document.
Government Security Classification (GSM)
This document describes how HM Government classifies information assets into OFFICAL, OFFICIAL SENSITIVE, SECRET and TOP SECRET to ensure information can be protected but also efficiently shared. This is not a statutory scheme, but operates within the requirements of the Official Secrets Acts (1911 and 1989) and the Freedom of Information Act (2000) and Data Protection legislation.
National Policing Community Security Policy (5.7)
Please note this is an OFFICIAL-SENSITIVE document, to request access please use the 'Contact Us' tab to raise a general query
National Police information, systems and networks must be safeguarded to ensure the Police Community can meet their statutory and regulatory responsibilities. The Police Community meets these responsibilities through a community of trust and by the implementation of this Community Security Policy (CSP).
This document relates to all National Police information; systems/services and networks, for which Chief Officers or Chief Executives are Joint Data Controllers. Furthermore it extends to all systems whether national or local that connect to access police information.
Extraction of material from digital devices APP
This document sets out the obligations on the police under the Data Protection Act 2018 and how these interact with other relevant legislation and case law. It provides police officers and staff with a set of principles to inform how they obtain digital devices – most often mobile phones but also laptops and other computers – from victims, witnesses and suspects for the purpose of an investigation and how they then extract the digital material from those devices. It will also help the public understand the responsibilities of the police when gathering evidence, obtaining devices and accessing the material held on them.
Showing 161 to 170 of 231 entries.