Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
National Community Security Policy Framework v1.4
This framework provides all national policing and its partners with a clear guide of how information security policies and standards work in national policing, the objectives of the framework, whom the framework and its supporting policy and principles apply to, whom has accountability for information security and risk and how policies will be governed.
National Policing Community Security Policy Framework v1.3
This framework provides all National Policing and its partners with a clear guide of how information security policies and standards work in National Policing, the objectives of the framework, whom the framework and its supporting policy and principles apply to, whom has accountability for information security and risk and how policies will be governed.
NCSP Cryptography Standard
This standard sets out the Cryptographic Algorithms to be used within policing. A list of algorithms are provided initially followed by applications and the associated cryptography required for each application. Finally the standard provides some commentary on the emerging cryptography for post quantum computing and lightweight computing.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing
System Access annual review
This standard defines the requirements which, when applied, will prevent unauthorised access to national policing IT systems. Areas considered include account management, access control mechanisms e.g. biometrics and customer access.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.
This standard also relates to other PDS standards passwords and IAM, which the audience should also consider.
Identity & Access Management Standard annual review
This standard defines the requirements which, when applied, will define identity and access management standards to national policing IT systems. Areas considered include account management, access control mechanism, privilege access, account provisioning, account review, access suspension and termination, guest accounts, third party access and audit requirements.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.
This standard also relates to other PDS standards such as passwords, system access, PAM, vetting, which the audience should also consider
Third Party Assurance for Policing (TPAP)
This Standard is to ensure that all third party suppliers are examined to fully understand their overall security posture and how that may impact upon Policing, ensure they fully understand the responsibilities they have in looking after policing data, that elements such as the importance of vetting and the cyber security of their systems is understood and they are aware of the requirements when handling and communicating that data.
Third Party Assurance for Policing (TPAP)
This Standard is to ensure that all third party suppliers are examined to fully understand their overall security posture and how that may impact upon Policing, ensure they fully understand the responsibilities they have in looking after policing data, that elements such as the importance of vetting and the cyber security of their systems is understood and they are aware of the requirements when handling and communicating that data.
PIN & Biometric guideline
The Biometric & Pin Guidance provides recommendations and best practices for securely implementing and managing biometric authentication and PIN systems.
NCSP Police Security Classification Guideline V1.0
This guidance is to assist members of the policing community of trust to correctly classify and protect information assets in line with UK Government Security Classification Policy.
This guidance in conjunction with the National Policing Community Security Policy (NCSP) and associated documents supports the requirements of the NCSP Information Management standard.
Information Compliance using Microsoft Purview Cyber Guideline
This guidance describes best practice for monitoring, auditing and assuring the Office 365 tenancy minimise the risk to policing information within the Microsoft 365 service.
Showing 31 to 40 of 231 entries.