Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  4. GovAssure newsletters and announcements

Author: Government Security Group

Last updated: 2025-11-13

GovAssure newsletters and announcements

Past newsletters and annoucements from the GovAssure team.

GovAssure newsletters

To receive the GovAssure newsletter, sign up through the subscription form using your government email address.

GovAssure announcements

WebCAF demos – October 2025

Thank you to all those who joined one of the recent demos of the new WebCAF service. The recording is now available to watch.

GovAssure 2025/26

The timeline for GovAssure in 2025/26 is:

  • Sept – Oct  | Stages 1 & 2 [Scoping]
  • Nov – Jan   | Stage 3 [CAF self-assessment]
  • Feb – Mar   | Stage 4 [Independent assurance review or peer review]
  • April – May | Stage 5 [Targeted improvement plan]
We have a strict 31 March 2026 deadline for all organisations completing GovAssure to submit their assessments on WebCAF and share all final assessment reports with the GDS GovAssure team. 

See our updated GovAssure guidance to get started!

GovAssure stage 4 accreditation change

The Cyber Resilience Audit (CRA) scheme (Opens in a new tab) is run by the National Cyber Security Centre (NCSC). The accreditation scheme gives organisations confidence in companies that have been assessed as meeting the NCSC standard for delivering independent cyber audits.

From 2026/27, only suppliers that are part of the CRA scheme will be able to deliver GovAssure independent assurance reviews. We are working closely with NCSC and Crown Commercial Service (CCS) on this transition. This does not affect independent assurance reviews in the current GovAssure year.

 

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now