Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
Penetration testing and ITHC Guideline
This guidance describes approaches to delivering comprehensive Testing (using a range of attack types), penetration tests, to support security and risk compliance monitoring
Covenant for Using Artificial Intelligence (AI) in Policing
The rapid growth of Artificial Intelligence (AI) within policing is unsurprising. The speed and accuracy that AI can bring to police processes make it an attractive way to deliver an effective and efficient service. However, the application of AI can be contentious[i]. Transparency and fairness must be at the heart of what we implement, to ensure a proportionate and responsible use that builds public confidence.
This Covenant outlines a set of principles that forces have agreed will define how it uses AI in its business. They were endorsed by all members of the National Police Chiefs’ Council on 28 September 2023. The endorsement means that all developers and users of AI within policing must give due regard to the Covenant’s principles. Whilst the implementation of these principles across policing will be an ongoing and evolving area of work, publication of our principles ensure we are acting with transparency from the outset.
Digital Case File Data Requirements 1.0.0
This document was retired in July 2021
The purpose of this document and standard is to detail the information requirements for the content of the digital case file to be transferred by forces to the Crown Prosecution Service (CPS).
The Digital Case File (DCF) Data requirements document help to define the structured case information and case summary required by the CPS for a first hearing, including that which must be served on to the court, defence and self-represented defendant as Initial Details of the Prosecution Case (IDPC). It also to define the content and data structure of the DCF, as required by the CPS and provided by the police for a case summary listed for a first hearing in the Magistrates Court.
This includes:
-
For all offences listed for a first hearing in the Magistrates Court by way of a charge sheet, summons or requisition.
-
To be used post-charge following either a police charge or cps pre-charge advice decision.
-
To be used for cases containing multiple defendants and offences.
-
For both anticipated guilty and not-guilty pleas.
-
For breach of bail (BoB) hearings.
National Digital Case File Standards
The Digital Case File national programme has established standards for how a case file is built and sent to the Crown Prosecution Service through collaboration with suppliers and police forces.
This programme works with a number of organisations, such as the CPS, law enforcement agencies and suppliers to produce a set of standards, which suppliers can then use to produce compatible solutions, allowing law enforcement agencies to send case files digitally to CPS . This is the national standard required for any technical digital case file solution.
This DCF programme is being implemented in police forces now and the attached documents liable to be updated as it progresses.
The National Standards Assurance Board notes that the branding is CGI on the standards as this is reflective of their work in writing them, but this has been in partnership with policing who own and continue to contribute towards them.
Police Approved Secure Facilities (PASF) security review checklist (v1.8)
Please note this is an OFFICIAL-SENSITIVE document, to request access please use the 'Contact Us' tab to raise a general query
This checklist covers the range of security measures to be assessed when reviewing how appropriate a premises is for handling police data. This can be used for both police premises but also suppliers premises, where they are handling or hosting data.
National Policing Community Security Policy Framework v1.0
National Policing will maintain public trust by securing our data and by applying a consistent, proportional approach to technology risk across policing. The National Policing Digital Strategy 2030 is built upon the 2025 Policing Vision to provide the foundations for Policing to deliver the National Digital Strategic objectives. In the future we will exchange more data and information with partners, adopt new connected technologies and move to cloud-based infrastructures. The move to a more open ecosystem cannot be at the expense of information security. This framework defines the holistic approach to information and technology risks by aligning to Government Security standards, guidance from the National Cyber Security Centre (NCSC) and industry best practice. The National Policing Community Security Policy Framework supports a proportionate baseline standard of cyber security for National Policing to deliver its operational and strategic objectives. As the cyber threat landscape facing the UK Police forces continues to evolve, so must the means by which forces maintain their security posture. The purpose of the National Policing Community Security Policy Framework is to provide the structure for information security for National Policing, suppliers, and partners to carry out their services securely. The National Policing Community Security Policy Framework, this document, will be referred to as the ‘Framework’ throughout this document. The scope of the ‘Framework’ applies to both this document and the supporting National Policing Information Security Policy and National Policing Information Security Principles that underpin the framework. Membership of the established ‘Community of Trust’ built under the original Community Security Policy, which is replaced by this framework and its supporting policy and principles, now requires alignment to this framework and its underlying policy and principles.
National Policing Community Security Policy v1.2
National Policing will maintain public trust by securing our data and by applying a consistent, proportional approach to technology risk across policing. The Community Security Policy (CSP) is an integral part of the Community Security Policy Framework and combined with Community Security Principles and the supporting standards, control objectives and other supporting documentation will help policing maintain public trust in its management of information assets. This Policy should be read in conjunction with the National Policing Community Security Policy (CSP) Framework, and Community Security Principles with which this policy is aligned. The audience, scope, objectives, governance and exception process for this policy are defined by the National Policing Community Security Policy Framework, which can be found in Knowledge Hub. For clarity this policy has been approved by the Police Information Assurance Board (PIAB) and applies to all members of the ‘Community of Trust’ as defined by the National Policing Community Security Policy Framework, and any suppliers and partners that have access to, store and/or process Police information, to provide services to Policing. This policy has taken into consideration and is aligned with industry best practice, which includes ISO/IEC 27002:2022, CIS Controls v8 (Center for Information Security), NIST Cyber Security Framework, CSA Cloud Controls Matrix v4 (Cloud Security Alliance) and NCSC 10 Steps to Cyber Security.
National Policing Community Security Principles v1.0
Principles are general rules and guidelines, intended to be enduring and seldom amended, that inform and support and prioritise the way in which National Policing decides which ideas, initiatives and/or opportunities are to be progressed (and warrant investment) and those that are not. These principles are a fundamental part of the National Policing Community Security Policy Framework and provide a foundation upon which a more consistent and structured approach to the design, development, and implementation of information security capabilities can be assembled. The primary focus of these principles is to provide the starting point for, setting the policy, standards and control objectives, which support the Community Security Policy Framework. The audience, scope, objectives, and governance for these principles are defined by the National Policing Community Security Policy Framework, which can be found on Knowledge Hub. For clarity these principles are approved by the Police Information Assurance Board (PIAB) and apply to all members of the ‘Community of Trust’ as defined by the National Policing Community Security Policy Framework, and any suppliers and partners that have access to, store and/or process Police information, to provide services to Policing.
National Policing Community Security Policy Framework v1.2
This framework defines the holistic approach to information and technology risks by aligning to Government Security standards, guidance from the National Cyber Security Centre (NCSC) and industry best practice. The National Policing Community Security Policy Framework supports a proportionate baseline standard of cyber security for National Policing to deliver its operational and strategic objectives. As the cyber threat landscape facing the UK Police forces continues to evolve, so must the means by which forces maintain their security posture. The purpose of the National Policing Community Security Policy Framework is to provide the structure for information security for National Policing, suppliers, and partners to carry out their services securely.
POLE Data Standards Catalogue v1.0
The intended purpose of this standard is to promote interoperability and improve the data quality of systems by converging on a common set of POLE data definitions used within Policing. POLE data definitions describe how People, Objects, Locations and Events (POLE) should be formatted.
There are 44 POLE entities described in this standard including:
- 20 person entities
- 13 object entities
- 5 location entities
- 6 event entities
The standard defines the attributes (field size, format, type) used to create the entities and contains and “entity x attribute map”. It also contains validation rules for these attributes.
This standard is owned by the National Police Chiefs Council (NPCC) and should be regarded as the default data standard for all POLE entities.
Along with the standard, the POLE data model (POLE v1.1.accdb) and data dictionary (POLE data standards - Data dictionary v1.1.xlsx) are also attached below.
Showing 71 to 80 of 231 entries.