Guidance

This page contains various security-related guidance for use across government.

GSeC International

You can find the GSeC International guidance here (requires signing in).

Secure by Design approach

You can find the Secure by Design approach here.

GovAssure

You can find the GovAssure guidance here.

Procurement and Security Schedules for contracts

You can find the Modular Security Schedules here (requires signing in).

Email guidance

You can find the email guidance here.

How to Publish Information Safely Quick Guide

You can find the How to Publish Information Safely Quick Guide here

Or click here to view or download the PDF.

Social media guidance

You can find the social media guidance here.

Writing security.gov.uk documentation

You can find guidance on writing documentation for security.gov.uk here.

Cyber Assessment Framework (CAF)

You can find the Cyber Assessment Framework (CAF) at NCSC's website.

Unauthorised disclosure investigation guidance

You can find the unauthorised disclosure investigation guidance here (requires signing in).

The role of Information Asset Owners (IAOs) in government

Guidance on the responsibilities of an IAO in managing the risks to personal information and business critical information held within a department can be found here: The role of Information Asset Owners (IAOs) in government.