Security Policy
Role overview
The role of Security Policy is to develop, implement and maintain business-enabling policies and processes relevant to the Government Security Profession, taking into account local requirements and ensuring adherence to applicable regulation and wider departmental and government policies.
Role level
Typical role expectations
- Support the establishment of an appropriate protective security organisational posture to encourage an effective risk-based approach to security across the estate, taking into account political, economic, social, technological, legal and environmental considerations
- Demonstrate sound understanding of the intended outcomes of the policy and what successful end-to-end delivery looks like
- Support the development of mechanisms to drive continuous improvement within wider government and across national and international standards, enforce sanctions and encourage the sharing of best practice
- Assess quantitative and qualitative data to support the creation of evidence-based policy, evaluating and presenting evidence within the appropriate tooling
Typical role expectations
- Manage the establishment of an appropriate protective security organisational posture to ensure an effective risk-based approach to security across the estate, taking into account political, economic, social, technological, legal and environmental considerations
- Communicate to both technical and non-technical senior audiences the intended outcomes of the policy and what successful end-to-end delivery looks like
- Manage the development of mechanisms to drive continuous improvement within wider government and across national and international standards, enforce sanctions and encourage the sharing of best practice
- Review quantitative and qualitative data to support the creation of evidence-based policy, evaluating and presenting evidence within the appropriate tooling
Typical role expectations
- Lead the establishment of an appropriate protective security organisational posture and encourage an effective risk-based approach to security across the estate
- Provide policy leadership and thought leadership to technical and non-technical stakeholders
- Lead the development of mechanisms to drive continuous improvement within wider government and across national and international standards, enforce sanctions, and encourage the sharing of best practice
- Shape strategic direction based on quantitative and qualitative data to support the creation of evidence-based policy
Skills
| Skill | Associate | Lead | Principal |
|---|---|---|---|
| Protective Security | Working | Practitioner | Expert |
| Legal & Regulatory Compliance | Working | Practitioner | Expert |
| Applied research | Awareness | Working | Working |
| Risk understanding | Awareness | Working | Working |
| Threat Understanding | Awareness | Working | Working |
Core learning
As a Security Policy professional, both Policy and Security Profession standards will apply to you. Please also consult the Policy Profession Standards and the learning and development pages on the Policy Profession website.
Associate
Risk Management for Non-Risk Professional
NPSA – Security Culture Digital Learning
Certified Data Protection Foundation (GDPR)
Lead
NPSA – Security Culture Digital Learning
NPSA – Reducing Insider Risk
Certified Data Protection Foundation (GDPR)
Principal
NPSA – Reducing Insider Risk
NPSA – Security Culture Digital Learning
Certified Data Protection Foundation (GDPR)