Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
ISO/IEC 27003:2017 Preview
ISO (the International Organisation for Standardisation) and IEC (the International Electrotechnical Commission) form the specialised system for worldwide standardisation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organisation to deal with particular fields of technical activity. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
This document provides guidance on the requirements for an information security management system (ISMS) as specified in ISO/IEC 27001 and provides recommendations (‘should’), possibilities (‘can’) and permissions (‘may’) in relation to them. It is not the intention of this document to provide general guidance on all aspects of information security.
Clauses 4 to 10 of this document mirror the structure of ISO/IEC 27001:2013.
This document does not add any new requirements for an ISMS and its related terms and definitions. Organisations should refer to ISO/IEC 27001 and ISO/IEC 27000 for requirements and definitions. Organisations implementing an ISMS are under no obligation to observe the guidance in this document.
An ISMS emphasises the importance of the following phases:
-
understanding the organisation’s needs and the necessity for establishing information security policy and information security objectives;
-
assessing the organisation's risks related to information security;
-
implementing and operating information security processes, controls and other measures to treat risks;
-
monitoring and reviewing the performance and effectiveness of the ISMS; and
-
practising continual improvement.
Encoding Characters
UTF-8, an encoding form for Unicode character sets, for government digital services and technology encodes all Unicode characters without changing the ASCII code.
Unicode is based on the American Standard Code for Information Interchange (ASCII) character set.
UTF-8 is an international standard used by, data scientists, data analysts and developers. It allows you to read, write, store and exchange text that remains stable over time and across different systems. It also have accurately translated languages moving between systems and prevent accidental or unanticipated corruption of text as it transfers between systems.
This makes UTF-8 flexible for a wide range of uses.
The government chooses standards using the open standards approval process and the Open Standards Board has final approval. Read more about the approval process for cross-platform character encoding.
All vehicles (VEH01)
All vehicles (VEH01) is a dataset of all licensed and registered vehicles in Great Britain and the UK, produced by Department for Transport.
It contains licensed vehicles, registered vehicles for the first time, vehicles by numbers of keepers, Statutory Off Road Notification (SORN) and the Ultra-low emissions vehicles (ULEVs).
For more information please contact Vehicles statistics
Emailvehicles.stats@dft.gov.uk
Public enquiries: 020 7944 3077
ISO/IEC 27032:2012 Information Technology — Security Techniques — Guidelines for Cybersecurity
ISO (the International Organisation for Standardisation) and IEC (the International Electrotechnical Commission) form the specialised system for worldwide standardisation. National bodies that are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organisation to deal with particular fields of technical activity. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
The Cyberspace is a complex environment resulting from the interaction of people, software and services on the Internet, supported by worldwide distributed physical information and communications technology (ICT) devices and connected networks. However there are numerous security gaps not covered by current information security, Internet security, network security and ICT security. The aim of this international standard is to address Cyberspace security issues and bridge the gap between different security domains in the cyberspace.
International Standard provides technical guidance for addressing common cybersecurity risks such as social engineering, hacking, spyware and proliferation of malicious software.
It also provides guidelines for addressing risk such as preparing for attacks, detecting and monitoring attacks and responding to attacks.
The International Standard also provides a framework for information sharing, coordination, and incident handling.
Domain-based Message Authentication, Reporting & Conformance (DMARC)
The Domain-based Message Authentication, Reporting and Conformance (DMARC) is an email standard that used in email transactional activity. It helps validates a senders identity using Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). The receiving email service uses SPF and DKIM to confirm the sender’s identity. If the receiving email service confirms the sender’s identity it will forward the email to the receiver’s inbox. If the receiving email service cannot confirm the sender’s identity it will mark the email as spam.
Using DMARC has its benefits such as helps to protect the users, employees from cybercrime, reduce customer support costs relating to email fraud and improve trust in the emails organisation sends and receives.
Showing 66 to 70 of 200 entries.