Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  4. GovAssure announcements and newsletters

Author: Government Security Group

Last updated: 2025-04-30

GovAssure announcements and newsletters

Announcements and past newsletters sent out by the GovAssure team

GovAssure 2025/26 Timeline

Year 3 of GovAssure (2025/26) will start in September 2025. Please see the timeline below.

  • Sept – Oct  | Stages 1 & 2 [Scoping]
  • Nov – Jan   | Stage 3 [CAF Self Assessment]
  • Feb – Mar   | Stage 4 [Independent Review]
  • April – May | Stage 5 [Targeted Improvement Plan]

GovAssure stage 4 accreditation change

The Cyber Resilience Audit (Opens in a new tab) (CRA) scheme is an accreditation scheme run by the National Cyber Security Centre (NCSC). The scheme assures suppliers delivering independent cyber audits, initially based on the Cyber Assessment Framework (CAF).

From Summer 2025 we plan to close the current accreditation routes (NCSC Assured and Non-NCSC Assured) for GovAssure assessors. This will not impact procurements already in motion at this time for year 3.

From 26/27FY only suppliers that are part of the CRA scheme and comply with our bespoke GovAssure requirements will be able to deliver GovAssure IARs. We are working closely with NCSC and Crown Commercial Service (CCS) on this transition, and will be engaging the GovAssure supplier community separately.

 

GovAssure Newsletters

To receive the GovAssure newsletter, sign up through the subscription form using your government email address. Non government addresses will not be sent this newsletter.

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now