Skip to main content

Data manual

A guide to working with data in government and the public sector

Security

Strategies, policies and guidance to make your service safer.

Government Security

This site is the home of security strategies, standards, policies and guidance for UK government departments and their arm’s length bodies. Explore the 4 areas of government security (cyber, personnel, physical and technical), get the latest news and events, and subscribe to the newsletter for updates.

Secure by Design (part of Government Security)

Find out how to incorporate effective cyber security practices when building digital services and technical infrastructure. All government delivery teams and security professionals should follow the Secure by Design policy and principles, and take risk-driven activities to build a secure service.

National Cyber Security Centre (NCSC)

Cyber security guidance and resources for the whole of the UK – from citizens and sole traders to organisations of all sizes, the public sector and cyber security professionals. Learn how to recover from a cyber attack and improve your cyber resilience.

NCSC risk management guidance

Guidance for cyber security risk practitioners and anyone who is setting up, or looking to improve, a cyber security risk management function in their organisation. The guidance introduces core risk management concepts and provides steps to form the basis of any cyber security risk management process. If you’re new to this topic, the site also includes a basic risk assessment template.

Service Manual: Securing your information

A general introduction to information security when building government services. Learn how to assess the information security of your service, protect information and get an IT Health Check. This check provides assurance that your organisation’s external systems are protected from unauthorised access or change.

Principles for securing personal data in government services

This guidance is useful to anyone developing a system or service that processes or shares personal data. The 10 principles will help you identify risks in your service and implement controls to mitigate them.

Is this page useful? Give us feedback

Support links

Built by the data.gov.uk team
All content is available under the Open Government Licence v3.0, except where otherwise stated.