to add a new content
Resource
Vulnerability Management v1.0

This standard supports the policy set out in the National Community Security Policy, providing requirements for those designing, building and running IT services and managing vulnerabilities within PDS & policing systems.

Published 01/11/2023
Authoring body: PDS
Policy
Resource
Information Management v1.0

This Standard defines the requirements to implement Information Management as mandated in the National Community Security Policy. It encompasses the management of policing information within the OFFICAL tier of the Government Security Classification model.

Published 01/12/2023
Authoring body: PDS
Standards
Resource
Cyber Threat and Incident Management v1.0

This Standard specifies the minimum requirements regarding cyber threat and incident processes and actions. It aims to provide PDS (Police Digital Service) and policing with clear direction to manage threat, vulnerabilities and incidents associated with cyber-attacks and cyber incidents.

Published 01/12/2023
Authoring body: PDS
Standards
Resource
Covenant for Using Artificial Intelligence (AI) in Policing

The rapid growth of Artificial Intelligence (AI) within policing is unsurprising. The speed and accuracy that AI can bring to police processes make it an attractive way to deliver an effective and efficient service. However, the application of AI can be contentious[i]. Transparency and fairness must be at the heart of what we implement, to ensure a proportionate and responsible use that builds public confidence.

This Covenant outlines a set of principles that forces have agreed will define how it uses AI in its business. They were endorsed by all members of the National Police Chiefs’ Council on 28 September 2023. The endorsement means that all developers and users of AI within policing must give due regard to the Covenant’s principles. Whilst the implementation of these principles across policing will be an ongoing and evolving area of work, publication of our principles ensure we are acting with transparency from the outset.

Published 01/09/2023
Authoring body: NPCC
Principles
Resource
Physical asset Management standard

The standard aims to ensure that physical assets are acquired securely, configured properly, maintained regularly, and disposed of safely and securely, while ensuring the confidentiality, integrity, and availability of the information they handle. By adopting this standard, organisations can ensure that they are protecting their assets against potential threats, mitigating risks, and complying with regulatory requirements.

Published 01/02/2024
Authoring body: PDS
Standards
Resource
Cyber Technical Security Management Standard v1.0

This Standard specifies the minimum requirements regarding technical security management. It describes the requirements to enable members of the community of trust to build and operate an effective technical security infrastructure, applying security architecture principles and integrating technical security solutions, such as malware protection, intrusion detection and cryptography.

Published 01/01/2024
Authoring body: PDS
Standards
Resource
Cyber Network Security Standard v1.0

This standard supports the policy set out in the National Community Security Policy, providing requirements for those designing, building and running network services within PDS & policing systems. This standard details a minimum set of security requirements and controls that must be met to ensure security and segregation of network services. Consideration is given to the following areas network device configuration, physical network management, wireless access, external network connections, firewalls and remote maintenance.

Published 01/01/2024
Authoring body: PDS
Standards
Resource
Digital Case File Data Requirements 1.0.0

This document was retired in July 2021

The purpose of this document and standard is to detail the information requirements for the content of the digital case file to be transferred by forces to the Crown Prosecution Service (CPS).

The Digital Case File (DCF) Data requirements document help to define the structured case information and case summary required by the CPS for a first hearing, including that which must be served on to the court, defence and self-represented defendant as Initial Details of the Prosecution Case (IDPC). It also to define the content and data structure of the DCF, as required by the CPS and provided by the police for a case summary listed for a first hearing in the Magistrates Court.

This includes:

  • For all offences listed for a first hearing in the Magistrates Court by way of a charge sheet, summons or requisition.

  • To be used post-charge following either a police charge or cps pre-charge advice decision.

  • To be used for cases containing multiple defendants and offences.

  • For both anticipated guilty and not-guilty pleas.

  • For breach of bail (BoB) hearings.

Published 01/01/2015
Authoring body: Criminal Justice System (CJS)
Standards
Resource
National Digital Case File Standards

The Digital Case File national programme has established standards for how a case file is built and sent to the Crown Prosecution Service through collaboration with suppliers and police forces. 

This programme works with a number of organisations, such as the CPS, law enforcement agencies and suppliers to produce a set of standards, which suppliers can then use to produce compatible solutions, allowing law enforcement agencies to send case files digitally to CPS . This is the national standard required for any technical digital case file solution.

This DCF programme is being implemented in police forces now and the attached documents liable to be updated as it progresses.

The National Standards Assurance Board notes that the branding is CGI on the standards as this is reflective of their work in writing them, but this has been in partnership with policing who own and continue to contribute towards them.

Published 01/04/2021
Authoring body: Police Digital Service (PDS)
Standards
Resource
Police Approved Secure Facilities (PASF) security review checklist (v1.8)

Please note this is an OFFICIAL-SENSITIVE document, to request access please use the 'Contact Us' tab to raise a general query

This checklist covers the range of security measures to be assessed when reviewing how appropriate a premises is for handling police data. This can be used for both police premises but also suppliers premises, where they are handling or hosting data.

 

Published 01/06/2020
Authoring body: National Police Information Risk Management Team (NPIRMT)
Reference Data / Templates