Search - National Standard Microsite
National Standards can be classified based on whether they are conceptual, rule based or value based:
- Principles - The defining characteristic of a principle document is that it is conceptual. It describes a target state or end goal without specifying how it will be achieved.
- Guidance/Policies/Standards - The defining characteristic of guidance, policies and standards are that they are rule based. The document specifies the rules to be applied to achieve a particular state.
- Technical Reference Templates - The defining characteristic of a template is that it is value based. It specifies exactly the values that must be used.
National Standards graded 4Pol are standards which meet the below criteria and should be considered first, before any other standard in that category, as they fit the National Policing Digital Strategy allowing forces and suppliers to converge on a single set of standards.
4Pol Criteria:
- Support minimum legal requirements where they exist
- Align with the National Policing Digital Strategy to ensure strategic alignment and design
- Align with the TechUK Justice & Emergency Services Interoperability Charter to deliver better data sharing, exchanging and exploitation
- Direct relevance and applicability to policing
- Represent best practice
- Able to be measured and achieved within the unique landscape of policing
National Standards graded MLR stem directly from legislative requirements, such as the General Data Protection Regulation (GDPR) standards. These are National Standards which represent the minimum requirements to ensure that data and technology in use is operated in a lawfully compliant manner. These should be considered the baseline in applicable categories.
National Standards are divided into broad categories based on their focus. To recognise there is no clear dividing line, some National Standards may possess two categories, but the selected category reflects the primary focus of the National Standard:
- Analytics - Digital systems capable of creating actionable information from structured or unstructured data
- Asset Management - The way in which IT assets are acquired, used and disposed of
- Incident, Crime and Records Management Systems
- Digital systems used to manage policing and corporate records
- Cloud - Remote, off-premises computer system resources which host a range of functions across a potentially wide range of distributed sites
- Data - Information held in a structured or unstructured digital format
- Devices - Physical devices capable of viewing, changing, creating, distributing or storing digital information
- Digital Media - Media stored in an electronic format from any source
- Enterprise Resource Planning - Enterprise resource planning (ERP) is the management of integrated business processes via a software solution
- Forensics - The use of investigative technology and methodology to gather intelligence and admissible evidence
- Intelligence Systems - Digital system used to view, change, create, distribute or store sensitive digital information
- Justice - Systems, technologies and methodologies used within the Criminal Justice System
- Mobility - Software specifically designed to run on a mobile device such as a phone, tablet or watch
- Office Productivity & Collaboration Systems - Software specifically designed to address specific business needs such as communication, collaboration, document creation and content management
- Operational Policing - Specialist operational policing functions
- Security - The technology and methodology used in the protection of digital assets and services
Tags are assigned to National Standards to help users find grouped / related documentation
Intelligence Management Research & Analysis APP
This document was retired in July 2021. This was replaced by the wider Intelligence Management APP
Research and analysis are very important tools used in policing for intelligence purposes to understand crime and investigate criminal activity. It is a way of processing and analysing material and information presented to support decision-making. With this comes the intelligence cycle where a sequential process is undertaken to allow the information presented to be developed into intelligence. This involves the roles of the analyst, researcher, data sources, analytical techniques used, reports etc.
This guidance document helps to explain what the intelligence cycle is, the direction, collection and collation of relevant information, evaluation and analysis of the data. It goes into detail explaining the roles highlighted above as well crime theories and approaches, terms of reference, data sources, using statistics, and analytical techniques, output reports, dissemination of output report and on-going reviews.
National Firearms License Management System (NFLMS) Version 0.1
This document was retired in June 2021.
The National Firearms Licensing Management System provides a method for managing the licensing of firearms, shotguns and explosives. It records all individuals, companies and dealers who have applied for, or have been granted, a certificate.
The dataset consists of:
-
Action
-
Addresstype
-
Alarmtype
-
Applicationstatus
-
Approvaltype
-
Calibre
-
Capacitytype
-
Certificatestatus
-
Certificatetype
-
Clubstatus
-
Colour
-
Condition
-
Constructiontype
-
Enquirytype
-
Ethnicity
-
Logeventtype
-
Manufacturer
-
Measurement
-
Nationality
-
Occupation
-
Personmarkertype
-
Sex
-
Weaponcategory
-
Weaponclass
-
Weapondisposalcode
-
Weaponstatus
-
Weapontype
Corporate Data Model (CorDM) Version 7.3
This document was retired in July 2021.
Aligned to PND Context v3.2.2. CorDM 7.3 uses the same versions of CV lists (where common) as PND Context v3.2.
Reference dataset consists of:
AbscondercirculationInstitutionType
AccomodationResourceType
AccountTransactionType
AccountType
ACPOCodeLevel4Type
ACPOCodeQualifierType
ActionSpecificationType
ActionType
ActivityPriorityType
ActivityStatusType
AdministrationAreaType
AlarmActivationAccessType
AlarmFacilityPurposeType
AlarmFacilityReasonType
BankAccountType
BloodGroupType
BodyPositionType
BuildingUnitType
CalendarEntryType
CalendarType
CalibreType
CaseFileType
CaseIssueType
CaseStatusType
CasualtyType
CellType
CheckType
ChequeType
ChildProtectionCaseStatusType
CHISRewardType
CHISMotiveType
CHISStatusType
CollectionType
ColourType
CommercialOrganisationType
CompetencyType
ComplextionType
Plus many more
Authentication and Credentials for use with HMG Online Services (Good Practice Guide No. 44) (Issue 2)
This document was retired in July 2021.
This document is good practice guidance to Her Majesty’s Government (HMG) public service providers to describing how types of credentials supports support user authentications to HMG online services.
HMG online public services can be a high target for many sources of threats and as such may pose a significant level of risk. As a result Public service providers must be aware of the credential choices of authentication levels that relate to HMG online services. There are three high-levels of authentication:
-
Authentication demonstrates that authentication requestor possesses the credential for a legitimate account.
-
Authentication provides confidence that the credentials is being used/or with explicit consent by a legitimate account holder and might support civil proceedings.
-
Authentication provides confidence that the credentials is being used/or with explicit consent by a legitimate account holder and might support criminal proceedings.
The level of assurance assigned to an authentication credential has many factors incorporated into and is considered against the threat levels associated with the Government service provider.
Some of the factors considered are the type of credential required, the on-going management of the credential by the identity Provider (IDP), the quality and extent of monitoring and reactions by the IDP, the Information Assurance (IA) maturity of the authentication provider and much more.
The CESG Information Assurance Standards and Guidance welcomes feedback. To leave feedback and review please email enquiries@cesg.gsi.gov.uk
National security Strategy & Strategic Defence & Security Review 2015
This document was retired in July 2021
National Security and economic security are dependent on each other, and if any wants to thrive, both have to thrive. The security of the nation is dependent upon a strong economy, and a strong economy is dependent upon strong security. Therefore the Defence budget is seen as critical to the government to maintain strong national security.
With the threat to the UK ever increasing, from the rise of ISIS and greater instability in the Middle East, risk of pandemics such as COVID 19, threat of Cyber attacks, the world is more dangerous and uncertain than ever before and as such investing in our security is of upmost importance.
This document sets out our National Security Strategy and how we will implement it within the UK. The UK’s priorities are to deter state-based threats, tackle terrorism, remain a world leader in cyber security and ensure we have the capability to respond rapidly to crises as they emerge. Therefore the vision can be determined as to promote a secure and prosperous United Kingdom, with global reach and influence using strategic enablers such as the Armed Forces, Security & Intelligence Agencies, Diplomatic service overseas and our Allies.
Protective Monitoring for HMG ICT Systems
This document was retired in July 2021
This Guide demonstrates how the provision of an effective framework of Protective Monitoring of HMG ICT systems is an essential contribution to the treatment of information security risks.
Protective Monitoring is a set of business processes and contains essential support technology in monitoring and provide risk treatment to how ICT systems are used and to ensure accountability to the systems. This includes facilities of audit trails, audit logs and raising alerts.
However if these processes are not implemented or monitored it would be easy for the abuse of such ICT systems, the information that it possesses by users who wish to misuse the system and information.
The confidentiality, integrity and availability of public sector ICT systems are of upmost importance. This guide shows us how important implementing an effective protective monitoring process for the treatment of information security risks. Other factors must be considered with this, such as the necessary supporting infrastructure, manpower resource, skilled expertise and IA.
The aim of this guide is to provide advice on good practise to adhering to the protective monitoring obligations, the information that needs to be recorded and audited, events generated and alerted generated in response to potential misuse and abuse of the ICT systems as well as anticipated modes of attack.
Intended readers are for all Information Assurance (IA) practitioners.
Understanding ISS4PS Volume 1
This document was retired in July 2021
The Information Systems Strategy for the Police Service (ISS4PS) is an overarching strategy for Information and Communications Technology (ICT) and Information Systems (IS) for the Police service across the whole of England and Wales.
The ISS4PS policies calls on the police service to work together to adopt common standards, products, common administrative and citizen-focused services to help improve police performance and efficiency, and to reduce costs by establishing foundations and defining governance, securing alignment and delivering joined-up services across each force.
As a result, in the coming years, the ISS4PS will become a major pillar underpinning police efforts to support Transformational Government, the creation of strategic forces, and be a key tool for the National Policing Improvement Agency.
It is important to note that the ISS4PS represents a collective view of key stakeholders ranging from the Home office, Association of Chief Police Officers (ACPO), Association of Police Authorities (APA), the various police forces and the Criminal Justice Information Technology (CJIT).
Implementing ISS4PS Volume 2
This document was retired in July 2021
The Information Systems Strategy for the Police Service (ISS4PS) version 3 is the overarching strategy for Information Systems (IS)/Information Communication Technology (ICT) in policing. ICT Architecture is the technical foundation of an effective ICT strategy. The ISS4PS focuses on technology, data and application architecture, therefore as a result this document contains technical detail describing the architecture.
The ISS4PS is designed to assist in meeting many of the goals of government imperatives, such as, the National Policing Plan. In order for the Police Service to meet the demands set out, it must view itself as an enterprise operating at a national level. It also follows the e-GIF standards and principles, recognises the diversity of IS/ICT within the Police Service, and is cognisant of Criminal Justice System (CJS) technical architectures.
The key theme that runs throughout the ISS4PS is that the Police Service will develop more commonality and become more joined-up in its approach to IS/ICT services.
Intended readers are for ICT Directors, ICT central coordinators, ICT Solution Architects, service providers and technical staff at the Home Office, Association of Chief Police Officers (ACPO), Association of Police Authorities (APA), the Forces, and Criminal Justice Information Technology (CJIT).
HMG IA Standard Number 1 & 2 Information Risk Management (Issue 4)
This document was retired in July 2021
Information Risk Management play a major role in the Police Service and in government agencies. All government departments and agencies must produce an Information Risk Management policy, as it is a fundamental aspect to Information Security Strategy as it has a huge impact on IA policies, standards and procedures. This must include:
-
Information risk appetite
-
Compliance with all legal and regulatory requirements
-
IA governance framework
-
Technical risk assessment against all ICT systems
This document serves as part of the Security Policy Framework (SPF) and supports the SPF mandatory requirements.
The aim of this standard is to provide twenty Risk Management Requirements (RMRs), which government agencies must use as the basis for Information Risk Management Policy as well as supporting the intended readers list.
Intended readers are senior Information Assurance (IA) related government posts, Senior Information Risk Owners (SIROs), Departmental Security Officers (DSOs), Information Asset Owners (IAOs), Information Risk Managers (IRM), Security & Information Risk Advisors (SIRAs), Information Assurance Analysts.
For further enquiries, or if you'd like to provide feedback, please email or fax:
Email: enquiries@cesg.gsi.gov.uk
Fax: (01242) 709193 (for UNCLASSIFIED FAXES ONLY)
Digital Imaging Procedure (Version 2.1)
This document was retired in July 2021
Digital imaging has become firmly established in the mainstream of public life and as a key enabling technology for the Police Service and Criminal Justice System (CJS) and has enormous benefit for the swift and accurate outcome of investigations.
Digital Imaging is the capture, retrieval, storage or use of evidential digital images. The aim of this document is to detail the processes involved in the proper capture and handling of digital images for police applications and to define best working practice starting from the process of the initial preparation and capture of images, through the transfer and designation of Master and Working Copies, to the presentation in court and finally the retention and disposal of exhibits.
A key part of the digital imaging process is the creation of an identifiable and isolated Master reference as this procedure enhances the integrity of proper evidential gathering processes whilst reducing the risk of malicious manipulation. It is also important to note that broader range of technologies are now available for the capture and storage of digital imagery which will be discussed in the document.
Intended readers of this document are operational, administrative and judicial staff involved throughout all stages of the Criminal Justice System (CJS) and anyone handling digital imaging.
Showing 191 to 200 of 204 entries.