to add a new content
Resource
NCSP Police Security Classification Guideline V1.0

This guidance is to assist members of the policing community of trust to correctly classify and protect information assets in line with UK Government Security Classification Policy.
This guidance in conjunction with the National Policing Community Security Policy (NCSP) and associated documents supports the requirements of the NCSP Information Management standard.

Published 01/04/2024
Authoring body: Police Digital Service
Guidance
Resource
NCSP Passwords standard V1.1

This Standard supports the principles set out in the National CSP, providing detailed guidance to those implementing and managing PDS & policing systems. This Standard applies to all passwords created for use on PDS & policing systems, including those for user-level accounts, system-level accounts, and any device-specific passwords.

Published 01/04/2024
Authoring body: Police Digital Service
Standards
Resource
System Access Standard

This standard defines the requirements which, when applied, will prevent unauthorised access to national policing IT systems. Areas considered include account management, access control mechanisms e.g. biometrics and customer access.

This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

This standard also relates to other PDS standards passwords and IAM, which the audience should also consider.

Published 02/04/2023
Authoring body: Police Digital Service
Standards
Resource
Third Party Assurance for Policing (TPAP)

This Standard is to ensure that all third party suppliers are examined to fully understand their overall security posture and how that may impact upon Policing, ensure they fully understand the responsibilities they have in looking after policing data, that elements such as the importance of vetting and the cyber security of their systems is understood and they are aware of the requirements when handling and communicating that data.

Published 25/05/2023
Authoring body: The Police Digital Service (PDS)
Standards
Resource
Cryptography Standard v 1.0

The purpose of this standard is to establish a set of cryptographic algorithms and protocols for use in specific applications for the transmission and storage of Police Data up to the classification of OFFICIAL. The requirements are the minimum acceptable levels of encryption and are aligned to the NIST and NCSC frameworks and are applicable to cloud environment, on premises environments and the data networks that interconnect them.

Published 25/05/2023
Authoring body: The Police Digital Service (PDS)
Standards
Resource
IDENTITY AND ACCESS MANAGEMENT STANDARD

This standard defines the requirements which, when applied, will define identity and access management 
standards to national policing IT systems. Areas considered include account management, access control 
mechanism, privilege access, account provisioning, account review, access suspension and termination, 
guest accounts, third party access and audit requirements. 
This standard adheres to the National Policing Community Security Policy Framework and is a suitable 
reference for community members, notably those who build and implement IT systems on behalf of 
national policing.
This standard also relates to other PDS standards such as passwords, system access, PAM, vetting, which 
the audience should also consider

Published 01/05/2023
Authoring body: Police Digital Service (PDS)
Standards
Resource
National Police Information Security Risk Management Framework

This framework is to ensure that all security risks are identified, assessed, and managed in accordance with best practice in order to facilitate improved governance. It is mandatory for all information systems that hold Police information or which deliver an operational service to policing to undergo a risk assessment, as stipulated in the National Policing Community Security Policy. The Security Risk Management Framework mutually supports the Police Cyber Assurance Framework (PCAF). The framework supports the requirements of the National Community Security Policy (NCSP.)

Published 01/05/2023
Authoring body: The Police Digital Service
Guidance
Resource
National Police Information Security Risk Management Guidance

The National Policing Information Security Risk Management Framework provides the foundations of risk management across policing in line with the Police Cyber Assurance Framework (PCAF). This guidance supports the risk management framework by detailing the actions required to firstly assess a risk, and then to manage it via the national risk register. This guide must be read in conjunction with the National Security Risk Management Framework.

Published 01/05/2023
Authoring body: The Police Digital Service
Standards
Resource
National Police Information Security Risk Management Risk Balance Case Template

The National Policing Information Security Risk Management Framework provides the foundations of risk management across policing in line with the Police Cyber Assurance Framework (PCAF). 

This template must be completed in conjunction with the National Security Risk Management Framework and Guidance.

The Risk Decision Document should be a single document that outlines any national risk, and the recommended measures for mitigating it. The template is organised into sections, each containing specific guidance points on content to be included.

Published 01/05/2023
Authoring body: The Police Digital Service
Reference Data / Templates
Resource
Safe deployment of TikTok

This guidance provides an overview of approaches to deploy TikTok safely

Published 01/06/2023
Authoring body: The Police Digital Service
Guidance