Skip to main content

This is a new service – your feedback will help us to improve it.

  1. Guidance
  2. Secure by Design
  3. About

About Secure by Design

The Secure by Design approach aims to increase the government’s cyber resilience and improve data sharing between organisations.

The policy has been developed by the Central Digital and Data Office (CDDO) and a cross-government working group in collaboration with the Government Security Group, National Cyber Security Centre (NCSC) and industry experts. It is a strategic priority included in the transforming for a digital future roadmap: 2022 to 2025 and the Government Cyber Security Strategy.

The approach provides:

Secure by Design is not an assurance process, however one of the principles is to continuously deliver effective security controls throughout the life of a service. To achieve this, delivery teams will need to provide a self assessment as evidence of meeting the Secure by Design principles when taking part in the digital and technology spend controls approval process.

Read the implementation guide for details of how teams can prepare for transition to Secure by Design within the required timescales.

Further information

Secure by Design | Principles | Activities | Implementation

The Secure by Design approach will evolve to reflect the needs of government digital services. Your feedback will help us to improve it.

Last update: 25 March 2024