to add a new content
Archiving of records in the public interest APP

This APP provides context for forces using the Information and Records Management Code of Practice to enable them to develop nationally consistent approach to identifying the proper regime of management and archiving for information records.

This guidance helps forces with the identification of records for long-term archiving and advises on how those records should be managed throughout their lifecycle, again securing consistency of approach.

Compliance with the Code and APP should help to increase the public’s confidence in how their information is handled.

Use the Contact Us tab at the top of the page to request further details.


Authoring body: College of Policing (CoP)
Records Management Code of Practice

The Code provides high-level standards for information and records management (in the form of seven principles), as well as other supporting standards, such as personnel and organisational capabilities. It will also drive consistency in the way that forces manage their information and records.


Use the Contact Us tab at the top of the page to request further details.

Authoring body: College of Policing (CoP)
Live Facial Recognition APP

Guidance for the overt deployment of live facial recognition technology to locate persons on a Watchlist. This is currently in draft format and is to be circulated to external stakeholders for consultation prior to submission to National Standards Assurance Board for publication on the platform.

Use the Contact Us tab at the top of the page to request further details.

Authoring body: College of Policing (CoP)
Interoperability between Social Services / Health / Police

A project is underway to better automate the current manual data sharing for multi-agency safeguarding hubs, including the creation of data sharing agreement, data impact assessments, information assurance levels and data structures.

Published 01/11/2021
Authoring body: Contact NS team for details
Procurement policy notes

This collection brings together all procurement policy notes, providing guidance on best practice for public sector procurement, to better enable policing to have a consistent approach to the purchase of digital, data and technology solutions.

Published 01/10/2021
Authoring body: Cabinet Office / Crown Commercial Services (CCS)
Open Web Application Security Project Top Ten (OWASP)

The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.

Organisations adopting this document should start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is an effective first step towards changing the software development culture within an organisation into one that produces more secure code.

Published 01/01/2021
Authoring body: Open Web Application Security Project (OWASP)
Forensic Science Regulator Information Legal Obligations (Issue 5)

This document was retired in June 2021.

The role of the forensic science regulator is to advise the Government and the criminal justice system on quality standards in the provision of forensic science. Recommend new requirements for new and improved standards and providing advice and guidance so that providers will be able to demonstrate compliance with common standards, in procurement and in courts 

A key requirement of any standards framework in forensic science is that the output meets the requirements of the Criminal Justice System (CJS). 
 This document sets out the view of the Regulator as to the legal landscape within which forensic scientists operate within the CJS. 

There are legal obligations placed on expert witnesses as sources in the Criminal Justice System in England and Wales as Expert evidence is admissible “to furnish the court with scientific information which is likely to be outside the experience and the knowledge of a judge or jury”. This places the expert witness in a privileged position.

It is important to note that expert evidence can only be given by a person who is an expert in the relevant field. An expert witness must provide the court with objective, unbiased opinion on 
matters within his expertise 
Witnesses must act with honesty and good faith. 

Published 01/01/2017
Authoring body: Forensic Science Regulator (FSR)
Command & Control (C&C) Version 0.1

This document was retired in June 2021.

The Command and Control (C&C) solution is the incident management and deployment solution for police officers responding to incidents reports by the public.

Incidents are usually graded based on severity of the incident and officers have Service Level Agreements (SLA’s) target in responding to incidents especially serious/critical incidents. SLA’s may differ from police force.

The Data types included in C&C are:

  • Action Status

  • Application Function Code

  • Application Function Title

  • Bus Info Class

  • Calendar Entry Class

  • Calendar Entry Status

  • Competency Class

  • Date Type

  • Duty Class

  • DVLA M/V Manufacturer Code

  • Event Plan Status

  • Incident Class

  • Location Status

  • Message Priority

  • Message Status

  • Message Template Type

  • Method of Reporting Origin

  • Motor Vehicle Body Type  Description

  • Organisation Class

  • Person Build

  • Person skin colour

  • PNC Access Reason

  • Person Shoe Type

  • Person Nationality

  • Person Eye Colour

  • Police EQP Avail Status

  • Police Officer Rank

  • Record Data Protection Status

  • Response Grade

  • Role

  • Sex

  • Special Constable Rank

  • Traffic Warden Rank

  • User Class ID

  • Plus many more.

Published 01/01/2019
Authoring body: Reference data service platform
Reference Data / Templates
Sender Policy Framework (SPF)

This document was retired in June 2021.

Sender Policy Framework (SPF) lets you publish a DNS record of all the domains or IP addresses you use to send email. Receiving email services check the record and know to treat email from anywhere else as spam.

Using a Sender Policy Framework (SPF) in an organisation lets you publish a Domain Name System (DNS) record of all the domains or (Internet Protocol) IP addresses you use to send email. Receiving email services check the record and know to treat email from anywhere else as spam.

You can include more than one sending service in your SPF record. For example, your corporate email service and an email marketing service.

Your SPF record also contains a qualifier option, which lets you:

- tell recipients to ignore your record while you test it

- mark, but not reject, email from an unknown source

Published 01/01/2016
Authoring body: Government Digital Service (GDS)
UKAS Guidance on the Application of ISO/IEC 17025 Dealing with Expressions of Opinions and Interpretations

This document was retired in March 2021.

Laboratories within the UK who wish to demonstrate that they operate to a quality system, are technically competent and are able to generate technically valid results must now meet the ISO/IEC 17025 requirements. This replaced the ISO/IEC Guide 25 and EN 45001, and has now become the standard that UKAS now to assess a laboratory’s competence for the purposes of accreditation instead of UKAS publication M10.

The purpose of this document is to set down United Kingdom Accreditation Service (UKAS) policy, process and guidance on assessment and accreditation of laboratories 

The difference in this policy set out is that laboratories UKAS policy that laboratory accreditation to ISO/IEC 17025 can now include the expression of opinions and interpretation of test/calibration results in reports as it is considered to be an inherent part of testing. Whereas before this was not permitted.

The laboratory’s documented quality system must reflect whether it is expressing opinions and interpretations and if so, for which activities. The process of interpreting test/calibration results for the purpose of expressing opinions and interpretations must be documented. 


Published 01/01/2001
Authoring body: United Kingdom Accreditation Service (UKAS)