Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
Open Web Application Security Project Top Ten (OWASP)
The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
Organisations adopting this document should start the process of ensuring that their web applications minimize these risks. Using the OWASP Top 10 is an effective first step towards changing the software development culture within an organisation into one that produces more secure code.
Forensic Science Regulator Information Legal Obligations (Issue 5)
This document was retired in June 2021.
The role of the forensic science regulator is to advise the Government and the criminal justice system on quality standards in the provision of forensic science. Recommend new requirements for new and improved standards and providing advice and guidance so that providers will be able to demonstrate compliance with common standards, in procurement and in courts
A key requirement of any standards framework in forensic science is that the output meets the requirements of the Criminal Justice System (CJS). This document sets out the view of the Regulator as to the legal landscape within which forensic scientists operate within the CJS.
There are legal obligations placed on expert witnesses as sources in the Criminal Justice System in England and Wales as Expert evidence is admissible “to furnish the court with scientific information which is likely to be outside the experience and the knowledge of a judge or jury”. This places the expert witness in a privileged position.
It is important to note that expert evidence can only be given by a person who is an expert in the relevant field. An expert witness must provide the court with objective, unbiased opinion on matters within his expertise Witnesses must act with honesty and good faith.
Command & Control (C&C) Version 0.1
This document was retired in June 2021.
The Command and Control (C&C) solution is the incident management and deployment solution for police officers responding to incidents reports by the public.
Incidents are usually graded based on severity of the incident and officers have Service Level Agreements (SLA’s) target in responding to incidents especially serious/critical incidents. SLA’s may differ from police force.
The Data types included in C&C are:
-
Action Status
-
Application Function Code
-
Application Function Title
-
Bus Info Class
-
Calendar Entry Class
-
Calendar Entry Status
-
Competency Class
-
Date Type
-
Duty Class
-
DVLA M/V Manufacturer Code
-
Event Plan Status
-
Incident Class
-
Location Status
-
Message Priority
-
Message Status
-
Message Template Type
-
Method of Reporting Origin
-
Motor Vehicle Body Type Description
-
Organisation Class
-
Person Build
-
Person skin colour
-
PNC Access Reason
-
Person Shoe Type
-
Person Nationality
-
Person Eye Colour
-
Police EQP Avail Status
-
Police Officer Rank
-
Record Data Protection Status
-
Response Grade
-
Role
-
Sex
-
Special Constable Rank
-
Traffic Warden Rank
-
User Class ID
-
Plus many more.
Sender Policy Framework (SPF)
This document was retired in June 2021.
Sender Policy Framework (SPF) lets you publish a DNS record of all the domains or IP addresses you use to send email. Receiving email services check the record and know to treat email from anywhere else as spam.
Using a Sender Policy Framework (SPF) in an organisation lets you publish a Domain Name System (DNS) record of all the domains or (Internet Protocol) IP addresses you use to send email. Receiving email services check the record and know to treat email from anywhere else as spam.
You can include more than one sending service in your SPF record. For example, your corporate email service and an email marketing service.
Your SPF record also contains a qualifier option, which lets you:
- tell recipients to ignore your record while you test it
- mark, but not reject, email from an unknown source
UKAS Guidance on the Application of ISO/IEC 17025 Dealing with Expressions of Opinions and Interpretations
This document was retired in March 2021.
Laboratories within the UK who wish to demonstrate that they operate to a quality system, are technically competent and are able to generate technically valid results must now meet the ISO/IEC 17025 requirements. This replaced the ISO/IEC Guide 25 and EN 45001, and has now become the standard that UKAS now to assess a laboratory’s competence for the purposes of accreditation instead of UKAS publication M10.
The purpose of this document is to set down United Kingdom Accreditation Service (UKAS) policy, process and guidance on assessment and accreditation of laboratories
The difference in this policy set out is that laboratories UKAS policy that laboratory accreditation to ISO/IEC 17025 can now include the expression of opinions and interpretation of test/calibration results in reports as it is considered to be an inherent part of testing. Whereas before this was not permitted.
The laboratory’s documented quality system must reflect whether it is expressing opinions and interpretations and if so, for which activities. The process of interpreting test/calibration results for the purpose of expressing opinions and interpretations must be documented.
Intelligence Management Research & Analysis APP
This document was retired in July 2021. This was replaced by the wider Intelligence Management APP
Research and analysis are very important tools used in policing for intelligence purposes to understand crime and investigate criminal activity. It is a way of processing and analysing material and information presented to support decision-making. With this comes the intelligence cycle where a sequential process is undertaken to allow the information presented to be developed into intelligence. This involves the roles of the analyst, researcher, data sources, analytical techniques used, reports etc.
This guidance document helps to explain what the intelligence cycle is, the direction, collection and collation of relevant information, evaluation and analysis of the data. It goes into detail explaining the roles highlighted above as well crime theories and approaches, terms of reference, data sources, using statistics, and analytical techniques, output reports, dissemination of output report and on-going reviews.
National Firearms License Management System (NFLMS) Version 0.1
This document was retired in June 2021.
The National Firearms Licensing Management System provides a method for managing the licensing of firearms, shotguns and explosives. It records all individuals, companies and dealers who have applied for, or have been granted, a certificate.
The dataset consists of:
-
Action
-
Addresstype
-
Alarmtype
-
Applicationstatus
-
Approvaltype
-
Calibre
-
Capacitytype
-
Certificatestatus
-
Certificatetype
-
Clubstatus
-
Colour
-
Condition
-
Constructiontype
-
Enquirytype
-
Ethnicity
-
Logeventtype
-
Manufacturer
-
Measurement
-
Nationality
-
Occupation
-
Personmarkertype
-
Sex
-
Weaponcategory
-
Weaponclass
-
Weapondisposalcode
-
Weaponstatus
-
Weapontype
Corporate Data Model (CorDM) Version 7.3
This document was retired in July 2021.
Aligned to PND Context v3.2.2. CorDM 7.3 uses the same versions of CV lists (where common) as PND Context v3.2.
Reference dataset consists of:
AbscondercirculationInstitutionType
AccomodationResourceType
AccountTransactionType
AccountType
ACPOCodeLevel4Type
ACPOCodeQualifierType
ActionSpecificationType
ActionType
ActivityPriorityType
ActivityStatusType
AdministrationAreaType
AlarmActivationAccessType
AlarmFacilityPurposeType
AlarmFacilityReasonType
BankAccountType
BloodGroupType
BodyPositionType
BuildingUnitType
CalendarEntryType
CalendarType
CalibreType
CaseFileType
CaseIssueType
CaseStatusType
CasualtyType
CellType
CheckType
ChequeType
ChildProtectionCaseStatusType
CHISRewardType
CHISMotiveType
CHISStatusType
CollectionType
ColourType
CommercialOrganisationType
CompetencyType
ComplextionType
Plus many more
Authentication and Credentials for use with HMG Online Services (Good Practice Guide No. 44) (Issue 2)
This document was retired in July 2021.
This document is good practice guidance to Her Majesty’s Government (HMG) public service providers to describing how types of credentials supports support user authentications to HMG online services.
HMG online public services can be a high target for many sources of threats and as such may pose a significant level of risk. As a result Public service providers must be aware of the credential choices of authentication levels that relate to HMG online services. There are three high-levels of authentication:
-
Authentication demonstrates that authentication requestor possesses the credential for a legitimate account.
-
Authentication provides confidence that the credentials is being used/or with explicit consent by a legitimate account holder and might support civil proceedings.
-
Authentication provides confidence that the credentials is being used/or with explicit consent by a legitimate account holder and might support criminal proceedings.
The level of assurance assigned to an authentication credential has many factors incorporated into and is considered against the threat levels associated with the Government service provider.
Some of the factors considered are the type of credential required, the on-going management of the credential by the identity Provider (IDP), the quality and extent of monitoring and reactions by the IDP, the Information Assurance (IA) maturity of the authentication provider and much more.
The CESG Information Assurance Standards and Guidance welcomes feedback. To leave feedback and review please email enquiries@cesg.gsi.gov.uk
National security Strategy & Strategic Defence & Security Review 2015
This document was retired in July 2021
National Security and economic security are dependent on each other, and if any wants to thrive, both have to thrive. The security of the nation is dependent upon a strong economy, and a strong economy is dependent upon strong security. Therefore the Defence budget is seen as critical to the government to maintain strong national security.
With the threat to the UK ever increasing, from the rise of ISIS and greater instability in the Middle East, risk of pandemics such as COVID 19, threat of Cyber attacks, the world is more dangerous and uncertain than ever before and as such investing in our security is of upmost importance.
This document sets out our National Security Strategy and how we will implement it within the UK. The UK’s priorities are to deter state-based threats, tackle terrorism, remain a world leader in cyber security and ensure we have the capability to respond rapidly to crises as they emerge. Therefore the vision can be determined as to promote a secure and prosperous United Kingdom, with global reach and influence using strategic enablers such as the Armed Forces, Security & Intelligence Agencies, Diplomatic service overseas and our Allies.
Showing 231 to 240 of 249 entries.