Search - National Standard Microsite
NCSP People Security Management Standard
This standard is intended to guide the reader through the process of securely managing personnel and embedding security at all stages of the employee lifecycle.
National Digital Case File Standards
The Digital Case File national programme has established standards for how a case file is built and sent to the Crown Prosecution Service through collaboration with suppliers and police forces.
This programme works with a number of organisations, such as the CPS, law enforcement agencies and suppliers to produce a set of standards, which suppliers can then use to produce compatible solutions, allowing law enforcement agencies to send case files digitally to CPS . This is the national standard required for any technical digital case file solution.
This DCF programme is being implemented in police forces now and the attached documents liable to be updated as it progresses.
The National Standards Assurance Board notes that the branding is CGI on the standards as this is reflective of their work in writing them, but this has been in partnership with policing who own and continue to contribute towards them.
NCSP Overseas IT Access Guidelines v1.1
This guidance describes best practice risk management controls for accessing Policing ICT resources whilst abroad. It also describes the circumstances when forces can make a local decision or when referral to NSIRO is required when use abroad is required.
OVERSEAS IT ACCESS GUIDELINES
This guidance describes best practice risk management controls for accessing Policing ICT resources whilst abroad. It also describes the circumstances when forces can make a local decision or when referral to NSIRO is required when use abroad is required.
NCSP Police Security Classification Guideline V1.0
This guidance is to assist members of the policing community of trust to correctly classify and protect information assets in line with UK Government Security Classification Policy.
This guidance in conjunction with the National Policing Community Security Policy (NCSP) and associated documents supports the requirements of the NCSP Information Management standard.
NCSP Passwords standard V1.1
This Standard supports the principles set out in the National CSP, providing detailed guidance to those implementing and managing PDS & policing systems. This Standard applies to all passwords created for use on PDS & policing systems, including those for user-level accounts, system-level accounts, and any device-specific passwords.
System Access Standard
This standard defines the requirements which, when applied, will prevent unauthorised access to national policing IT systems. Areas considered include account management, access control mechanisms e.g. biometrics and customer access.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.
This standard also relates to other PDS standards passwords and IAM, which the audience should also consider.
Third Party Assurance for Policing (TPAP)
This Standard is to ensure that all third party suppliers are examined to fully understand their overall security posture and how that may impact upon Policing, ensure they fully understand the responsibilities they have in looking after policing data, that elements such as the importance of vetting and the cyber security of their systems is understood and they are aware of the requirements when handling and communicating that data.
Cryptography Standard v 1.0
The purpose of this standard is to establish a set of cryptographic algorithms and protocols for use in specific applications for the transmission and storage of Police Data up to the classification of OFFICIAL. The requirements are the minimum acceptable levels of encryption and are aligned to the NIST and NCSC frameworks and are applicable to cloud environment, on premises environments and the data networks that interconnect them.
IDENTITY AND ACCESS MANAGEMENT STANDARD
This standard defines the requirements which, when applied, will define identity and access management
standards to national policing IT systems. Areas considered include account management, access control
mechanism, privilege access, account provisioning, account review, access suspension and termination,
guest accounts, third party access and audit requirements.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable
reference for community members, notably those who build and implement IT systems on behalf of
national policing.
This standard also relates to other PDS standards such as passwords, system access, PAM, vetting, which
the audience should also consider