Frequently Asked Questions

Who manages National Standards?

Who manages National Standards?

The programme is managed by three groups, who work together to provide effective governance and support for National Standards. The members of the boards are subject matter experts, leaders in policing, senior members of the Home Office and TechUK's interoperability board, ensuring the voice of the standards' community is represented and heard.

  • The Assurance Board are the main working group for National Standards, meeting monthly to discuss, allocate and review actions to drive forward appropriate changes to standards.
  • The Governance Board are the strategic leads for National Standards, meeting quarterly to provide oversight and direction for the programme. Ensuring alignment with the National Policing Digital Strategy and dealing with any escalations from the Assurance Board.
  • The National Standards Team are full-time members of the Police Digital Service, who are responsible for facilitating both boards, maintaining the platform and triaging requests for support from the wider community. Regular reviews are carried out of documentation on the platform.

If you want to find out more, please contact us.

How can I find standards?

How can I find standards?

Each standard is sorted into a main National Standards Category (such as 'Data' or 'Security') and then has appropriate tags applied to it. This enables a simple, flat structure to enable the right set of standards to be quickly located by searching for the relevant categories and tags. You can also use the free text search bar at the top of the page, from anywhere on the platform.

How is a National Standard made live or changed?

How a National Standard is made Live

There is a governance process in place to ensure documentation is put through a series of reviews before making it to the platform.

Draft: After receiving a request for a new/changed/retired National Standard, the National Standards team will triage the request for completeness and accuracy.

Review: The request is then presented to the Assurance Board to assure the request and provide input into additional work required after reviewing it.

Consensus: Once reviewed, it is then sent out to the standards community, who are encouraged to provide feedback on the new / changed / retired standard and have their voice heard.

The term 'community' covers everyone with an interest in a particular category of standards, this group of people includes both policing, suppliers and the general public. To be added to the interested parties lists for a category, please raise a request by clicking here.

Live / Retired: Once the community feedback has been gathered (usually 1 month after putting the standard out for Consensus), any resulting work is completed as appropriate and reviewed again by the Assurance Board before a decision is made to go live with the change (and potentially retire an existing standard). Retired standards are retained on the platform and can still be searched for and filtered.

 

Are National Standards strategically aligned?

How can I be sure National Standards are strategically aligned?

The National Standards (NS) programme has an established governance structure in place to apply proper due diligence to standards going on, staying on and being retired from the platform to ensure they are for policing, by policing. For more details see 'MLR' and '4Pol' gradings FAQ regarding which specific standards are strategically aligned with policing.

The NS programme as a whole is aligned with with:

  • Police Digital Service
  • National Policing Technology Council
  • National Police Chiefs Council working groups
  • National Cyber Security Centre
  • College of Policing
  • Home Office (OCiP, PPPT)
  • Transforming Forensics / Forensic Capability Network
  • Defence Science and Technology Laboratory
  • National Policing Information Risk Management Team 
  • TechUK (Representing suppliers)
  • Blue Light Commercial
  • Data Standards Authority
  • National policing programmes
What does interoperability mean for National Standards?

Lack of interoperability of technical solutions, systems and tools is a recognised challenge in the policing sector. The National Standards programme supports the TechUK InterOp-Pol initiative, which is aimed at changing commercial behaviours by facilitating the ongoing development and adherence to an interoperability charter. This charter outlines a company’s commitment to openness and interoperability which in turn will help ensure products developed for policing can add value to one another, by the appropriate and secure sharing of data in a standardised way.

How are standards prioritised? What do the LMR / PMR / DFP gradings mean?
Note: The PMR grading is still in the process of being applied. This should begin in Q1 2022

What do the three gradings (LMR / PMR / DFP) mean?

The platform holds a large number standards, which have all met the criteria of being; 

  • Best practice
  • Value to policing
  • Fit into on of the data and technical categories

This means a lot of standards are present on the platform having met these criteria, so to help users prioritise which ones to look at and consider adopting first, they have been graded as follows:



Legislative Mandatory Requirement (LMR) - "Must have"

Standards documentation which stem directly from legislative requirements, which policing must follow by law, such as the General Data Protection Regulation (GDPR) standards. 

 

Policing Minimum Requirement (PMR) - "Should have"

The relevant National Police Chiefs Council (NPCC) owner for particular area of data and technology has given the document approval that it should be used by policing as it represents the national policing approach, helps the force align with the National Policing Digital Strategy and its use is supported by the NPCC.

 


Designed For Policing (DFP) - "Could have"

Documents which have been designed specifically for policing to use, which may make them easier, quicker and cheaper to adopt than those which have not.

 

Note: Standards can possess some, all or no gradings
What is the difference between National Standard: Principles, Policies, Standards, Guidance and Templates/Reference Data?

What is the difference between National Standard: Principles, Policies, Standards, Guidance and Templates/Reference Data?

 

  • Principles
    • The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
  • Guidelines / Policies / Standards
    • The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.  
  • Technical Reference
    • The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.

 

Retired standards

Retired standards

Standards that have been retired will still be available on the platform, as these standards may have been used to inform past decisions, they provide value for reference purposes. It is clear which standards are live and which ones are not, by checking the ‘Status’ which will read “Retired” and by them being greyed out on the search screen (indicating they are non-live, so may be in review, draft or retirement).

The platform links remain constant to ensure they can be used by processes and documentation requiring a URL to a specific standard. Any new standard created will have a new record and URL generated with the old one retired. These retired standards are coloured grey, to indicate that they are not live and should be treated with caution. There is a date added to each standard to show when it was made live and when it was retired – both events can only happen after going through our governance process.

Links and attachments

Links and attachments

The platform contains attachments of the documents signposted too, to ensure that a record is made of what was assessed by the governance process at that time. This attachment represents the approved version from the platform. A link is often provided to ensure users can locate the source of the document for any peripheral reading, or to see if an updated document has been developed. Although links are checked, we still encourage our users to let us know if a newer version exists or if a link no longer works.

Use Cases

With such a wide variety of National Standards documentation available, it can be difficult to know where to start. Using the categories is helpful to filter based on content, but that relies upon knowing what content to be sought out.

This use cases page will help you ask the right questions, to identify the right content, which you can then look for.

 

Framework: Product or Service

This framework is for use with a data or technology product or service, to ensure an appropriate range of standards are considered.

Whether you are a supplier, looking to introduce your product or service to policing, or a police force, looking to assess a product or service against established standards; you are encouraged to consider the below 10 steps and ask the question "Does this product or service apply to this step?"

 

Use Case Example

To help get you started, we have created the below fictional example to explain how to use the framework at each step.

 

Product: Smart-cuffs manufactured by Fictional Company Ltd, which record the fingerprint of the person they are applied to. 

 

Working through each stage, should help you form questions which the National Standards platform can help answer.

For example:

 

Hardware/Software Design:  If the device is running a version of Windows 10:1809 consider Security Guidance Windows 10 1809 

 

Data Storage: To ensure the effective and secure storage ability of this device, consider End User Device (EUD) Security Guidance

 

Data Retention: When using information, especially personally identifiable information consider Data Protection - GDPR

 

Interface: If the product visualises its results via a website or app, consider the public sector requirements on Website and application accessibility

 

Disposal:  When wiping sensitive data such as biometrics and handling the secure disposal of devices consider ICT Asset Recovery Standard 7.0 or Secure Sanitisation of Storage Media 1.0

 

This list is by no means exhaustive and is here as a guide for users to apply to their own individual and likely very specific use cases. If you are looking for a National Standard to fill that use case, but can't find it on the platform, please let us know, and we can then identify if this is a gap that we can fill on the platform