Government Cyber Incident Response Plan (G-CIRP)

About the G-CIRP

The G-CIRP outlines how the government responds to cyber incidents in a coordinated and consistent way, so departments know what to do, who to notify and how to align with the cross-government response.

It operates within the National Cyber Incident Management Framework and provides:

• clear roles and responsibilities across government
• a consistent framework for departmental cyber response plans

The G-CIRP supports how we will improve the cyber security and resilience of public services, as part of the Government Cyber Action Plan.

What the G-CIRP means for you

For a summary of what the G-CIRP means for you and the actions you need to take, read the key points for departments summary (sign-in required). This page also includes web-optimised and print-ready PDFs.

Contents

The G-CIRP contains 4 chapters and appendices. These links will take you to the relevant part of the response plan’s HTML page:

1. Foreword
2. Introduction
3. Government cyber incident response principles and structures
4. Government cyber incident response process
5. Appendices

Related policies and guidance

The G-CIRP supports the following reports and guidance:

• Government Cyber Action Plan
• The Amber Book
• The National Security Strategy 2025
• The State of Digital Government Review
• A blueprint for modern digital government
• National Cyber Incident Management Framework

To request a copy of the National Cyber Incident Management Framework, email securitygovuk@cabinetoffice.gov.uk

Feedback

If you have any problems with this page or any suggestions about how to improve it, use our feedback form.

Request an accessible format

If you need a version of the G-CIRP in a more accessible format, for example large print, email securitygovuk@cabinetoffice.gov.uk