to add a new content
Resource
NCSP Password Standard v1.3

This Standard supports the principles set out in the National CSP, providing detailed guidance to those implementing and managing PDS & policing systems. This Standard applies to all passwords created for use on PDS & policing systems, including those for user-level accounts, system-level accounts, and any device-specific passwords.

Published 01/05/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
MOU Digital Evidence sharing between the Police and CPS v1.1

This MOU supports and underpins the existing arrangements in place between the CPS and the Relevant Police Force for the provision of evidential and disclosable unused material and sets out the expected level of service to be provided by both the CPS and Relevant Police Force in relation to the sharing of MME via DEMS.

Published 05/12/2024
Authoring body: Police Digital Service (PDS)
Policy
Resource
NCSP Decommissioning standard v1.0

This standard is intended to provide a framework of controls to support the secure decommissioning of police information systems.

Published 01/05/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Privileged Access Management standard v1.1

This standard defines the requirements and best practice for privileged access management which should be adopted to manage elevated access consistently and securely across national policing IT systems.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/05/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
Artificial Intelligence Risk Assessment v1.0

This document provides a structured approach to assessing and managing security risks associated with AI adoption in law enforcement. It ensures that AI technologies are evaluated at every stage of their lifecycle, meeting security and operational requirements.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/05/2025
Authoring body: Police Digital Service (PDS)
Guidance
Resource
NCSP Digital Forensics guideline v1.0

This guideline provides information on how to preserve the integrity of digital evidence which supports the investigation cyber incidents.

Published 01/05/2025
Authoring body: Police Digital Service (PDS)
Guidance
Resource
Police Security Classification Guidelines v1.1

This guidance is to assist members of the policing community of trust to correctly classify and protect information assets in line with UK Government Security Classification Policy. This guidance in conjunction with the National Policing Community Security Policy (NCSP) and associated documents supports the requirements of the NCSP Information Management standard.
ANNEX A - Working at SECRET ANNEX B – Working at TOP SECRET ANNEX C – Classification guidance quick reader guide

Published 01/05/2025
Authoring body: Police Digital; Service (PDS)
Guidance
Resource
NCSP People Security Management v1.1

This standard is intended to guide the reader through the process of securely managing personnel and embedding security at all stages of the employee lifecycle.

Published 03/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Electronic Communications Standard v1.1

This standard supports the policy set out in the National Community Security Policy, providing requirements for those designing, building and running electronic communications services within national policing systems. This standard details a minimum set of security requirements and controls that must be met to ensure security of electronic communications services. Consideration is given to the following areas of configuration, email systems, collaboration platforms and voice communications platforms.

Published 03/02/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Physical and Environmental Security Management Standard v1.1

This Standard sets out the Physical and Environmental Security measures and considerations to be used within policing. This standard will outline key guidance and advice that should be acknowledged and referred to, and where practicably possible, implemented to safeguard Policing locations including the assets within them.

Published 03/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Security Testing Standard v1.0

This standard describes approaches to delivering comprehensive security testing (using a range of attack types) to support security and risk compliance monitoring.
It supplements National Community Security Policy Information Assurance core standard.

Published 03/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
National Police Information Security Risk Framework

This framework is to ensure that all security risks are identified, assessed, and managed in accordance with best practice in order to facilitate improved governance. It is mandatory for all information systems that hold Police information, or which deliver an operational service to policing to undergo a risk assessment, as stipulated in the National Policing Community Security Policy.
The Security Risk Management Framework mutually supports the Police Cyber Assurance Framework (PCAF). The framework supports the requirements of the National Community Security Policy (NCSP).

Published 01/04/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Secure By Design (SbD) Guideline V1.1

This document provides detailed guidance to support the National Community Security Policy (NCSP) system development (Secure by Design SbD) standard. Secure by Design as a methodology has been selected to ensure that a repeatable, structured, and consistent approach to the secure delivery of solutions across policing is achieved, as well as ensuring that risks are managed within risk appetite. 

Published 01/01/2025
Authoring body: Police Digital Service (PDS)
Guidance
Resource
System Development – Secure by Design (SbD) Standard

This standard outlines the functions within the Secure By Design (SbD) process, aligned to project stages, to ensure a consistent approach to cyber security is achieved throughout a system’s development. The purpose of this standard is to define an approach to ensure that all products / solutions are assured in a repeatable, structured and consistent way. This will enable security controls to be designed into solutions at an early stage, ensuring the secure delivery of solutions across policing, whilst identifying and managing risk to within risk appetite.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/02/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Systems Management v1.1

This standard defines the requirements which, when applied, will assist with the secure management of systems and networks.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.
This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/02/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
Overseas IT Access Guideline

This guidance describes best practice risk management controls for accessing Policing ICT resources whilst abroad. It also describes the circumstances when forces can make a local decision or when referral to NSIRO is required when use abroad is required.

Published 01/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
Information Compliance using Microsoft Purview

This guideline is a baseline for Policing in use of Microsoft Purview from a Information Compliance; oversight and measurement perspective

Published 01/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Bluetooth Guidance Document v1.7

This guideline provides audiences with background information concerning Bluetooth technology and guidance on how it can be suitably and securely deployed within the Law Enforcement environment.
It’s purpose is to provide relevant information, enabling users of Bluetooth technology to achieve operational capability whilst minimising the risks of data security compromise.

Published 01/03/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Guideline: INFORMATION TRANSFER

Information transfer is the process of moving information from one location to another. Policies and processes are required to protection information during this process.
Any activity involving the movement of information from one place to another carries inherent risk whereby the confidentiality, integrity or availability of that information may be compromised. Appropriate and proportionate steps must be taken to ensure the security requirements of the information being transferred are protected against deliberate or inadvertent, authorised or unauthorised attack, damage or loss.
ANNEX A – Legacy NPIRMT Protection of OFFICIAL Police Data in Transit – Risks & contextual risk mitigation tables

Published 01/02/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Vulnerability Management v2.0

This standard supports the policy set out in the National Community Security Policy, providing requirements for those designing, building and running IT services, managing threats and vulnerabilities within PDS and policing systems.

Published 03/12/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Network Security v1.2

This standard supports the policy set out in the National Community Security Policy, providing requirements for those designing, building and running network services on behalf of national policing. This standard details a minimum set of security requirements and controls that must be met to ensure security and segregation of network services.

Published 01/02/2025
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Technical Security Management Standard v1.1

This Standard specifies the minimum requirements regarding technical security management. It describes the requirements to enable members of the community of trust to build and operate an effective technical security infrastructure, applying security architecture principles and integrating technical security solutions, such as malware protection, intrusion detection and cryptography

Published 02/12/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Monitoring and Evaluation of Force Information Security Incidents Guideline

This guideline defines the type of cyber and information security incidents which are required to be reported for monitoring and evaluation purposes and the applicable categories

Published 03/02/2025
Authoring body: Police Digital Service (PDS)
Guidance
Resource
NCSP Physical Asset Management Standard v1.1

This standard aims to ensure that physical assets are acquired securely, configured properly, maintained regularly, and disposed of safely and securely, while ensuring the confidentiality, integrity, and availability of the information they handle. By adopting this standard, organisations can ensure that they are protecting their assets against potential threats, mitigating risks, and complying with regulatory requirements.

Published 02/12/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Internet connection guideline v1.0

This guideline covers recommendations for the commissioning and use of internet connections, with a specific focus on the requirements of the Law Enforcement Community Network (LECN).

Published 01/01/2025
Authoring body: Police Digital Service
Guidance
Resource
NCSP Information Management v1.1

This standard defines the requirements to implement Information Management as mandated in the National Community Security Policy. It encompasses the management of policing information within the OFFICIAL tier of the Government Security Classification model

Published 01/11/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Electronic Conferencing Guideline v1.0

This guideline provides the policing community with advice on the use of communication software such as e-conferencing.

Published 01/12/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Cyber Incident Management Standard v1.2

This Standard specifies the minimum requirements regarding cyber threat and incident processes and actions. It aims to provide members of the policing community with clear direction to manage incidents associated with cyber-attacks and cyber incidents

Published 01/09/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Cryptography Standard v2.1

This standard sets out the Cryptographic Algorithms to be used within policing. A list of algorithms is provided initially followed by applications and the associated cryptography required for each application. Finally the standard provides some commentary on the emerging cryptography for post quantum computing and lightweight computing.

This standard adheres to the National Policing Community Security Policy Framework and is a suitable reference for community members, notably those who build and implement IT systems on behalf of national policing.

Published 01/12/2024
Authoring body: Police Digital Service (PDS)
Standards
Resource
NCSP Application Management Standard v1.1

This standard is intended to guide the reader through the process of securely managing business applications, both internally developed and externally sourced, regardless of whether locally installed or cloud based. Centred around stocktaking, documenting and actively managing those applications, this standard should enable the visibility of all business utilised applications, ensuring all are appropriately assessed for risk, appropriately controlled, and managed in such a way as to not introduce cyber security risk going forward.

Published 01/11/2024
Authoring body: Police Digital Service (PDS)
Standards