NPSA recommends that products required to protect against a firearms attack are tested at an accredited test centre in accordance with the BS EN standards
Information on how open and shared data relates to a Security-Minded approach.
The consequences of failing to plan properly for new security projects or upgrades of existing security measures can be costly.
Guidance on how to take a security-minded approach to Digital Engineering, Technologies, Projects and Initiatives
NPSA and NCSC have written guidance about Network Connected Security Technologies (NCST)
It is important that you understand the risks associated with deploying these technologies, whether they relate to location sensitivities, data protection considerations or privacy concerns
NCST are highly functional computers which are connected to a network and need to be suitably protected
A New set of guidance documents and video for SCA (Security Considerations Assessment) have been published to ensure security-related vulnerabilities are considered across a range of activities and processes within an organisation
The planning process has a key role in making places – recommending how and where buildings should be built, what they should be used for and how they should fit into the local surroundings.
This page and guidance documents provide information on assuring safety systems so they are also secure
Effective security planning is essential for the application of good protective security.
A key purpose of connected places, also known as smart cities, also known as is to join up specific vertical sectors across organisational boundaries into a whole-city approach for the creation, delivery and use of city spaces and services
Guidance on how to take a Security-Minded approach to Digital Engineering, Technologies, Projects and Initiatives
Guidance on a security-minded approach to securing underground asset data.
NPSA have developed this guidance as we often see security being considered too late in the design process where the physical security measures conflict with the design aspirations
Passport to Good Security - Build it Secure: poor or insufficient attention to security at the design and build stage can pose significant risks once the build is completed and operational.
Passport to Good Security - Security Pre-Screening: pre-screening of employees, contractors and service providers should be included as part of your overall organisation security strategy.
Passport to Good Security - Legality, Ethics and Transparency: employees should understand the role they can play in protecting the organisation from internal and external threat.
Passport to Good Security - Mitigate your Risks: plan the specific actions your organisation will take following completion of the risk assessment, focusing on the threats specific to your organisation’s critical assets.
Passport to Good Security - Good Governance: in your role as a manager with responsibility for security matters, you should aim to identify answers to key questions about the governance arrangements your organisation has (or may not have) in place for security risks.
NPSA’s Passport to Good Security for Senior Executives sets out 20 principles for effective security management
Passport to Good Security - Identify your Most Valuable Assets: understanding which assets are critical to your organisation’s existence and operation should be the starting point in your protective security planning process.
Passport to Good Security - Hard Measures: ‘hard’ measures require establishing clear procedures to address any failures to adhere to security policy.
Passport to Good Security - Build it Secure: poor or insufficient attention to security at the design and build stage can pose significant risks once the build is completed and operational.
Passport to Good Security - Identify the Threats: consider threats from across the full spectrum of physical, personnel and people, and cyber, and how these threats might evolve over time.
Passport to Good Security - Adopt a Risk Management Approach: provide a framework to help you specify how you will manage the identified threats or risks to your most critical assets.
Passport to Good Security - Control Access: the level of security in your access control system needs to be a balance between business needs and effective security.
Passport to Good Security - Soft Measures: ensure security information is clearly and regularly communicated to staff, contractors and suppliers.
Passport to Good Security - Protect Your Information: a loss of data can cause organisation significant harm across every level, from loss of capital and reputation to a loss of staff confidence and well-being.
Passport to Good Security - Sharing of Information: sharing information inappropriately can pose a significant risk to your organisation, leaving it vulnerable to theft, loss of data or improper use of information.
Passport to Good Security - Online Social Behaviour: what your employees do and say online, or how they use digital devices, can make them and your organisation vulnerable to security threats.
Passport to Good Security - Home and Mobile Working: working away from the office can have numerous benefits for employees, but can also present an additional security risks.
Passport to Good Security - Staff Exit Strategy: employees leaving your organisation may take knowledge about operations, assets and security vulnerabilities with them.
Passport to Good Security - Search and Screening: your threat assessment will give you a good idea of the likely risks posed by anyone - and anything - entering your premises
All organisations need to ensure they have the processes and procedures in place to deliver an effective, efficient and compliant security provision
NPSA provides support to security professionals to maximise the reach of NPSA advice and guidance.
Effective security risk management requires an organisation to have defined governance and oversight of protective security management systems.
An essential tool to enable you to produce a clear, considered, high-level statement of security needs based on the risks faced
Protective security is important for a site’s own infrastructure which is crucial for it to function or could present hazards if attacked.
Passport to Good Security - Legality, Ethics and Transparency: employees should understand the role they can play in protecting the organisation from internal and external threat.
Passport to Good Security - Mitigate your Risks: plan the specific actions your organisation will take following completion of the risk assessment, focusing on the threats specific to your organisation’s critical assets.
Passport to Good Security - Good Governance: in your role as a manager with responsibility for security matters, you should aim to identify answers to key questions about the governance arrangements your organisation has (or may not have) in place for security risks.
NPSA’s Passport to Good Security for Senior Executives sets out 20 principles for effective security management
Passport to Good Security - Identify your Most Valuable Assets: understanding which assets are critical to your organisation’s existence and operation should be the starting point in your protective security planning process.
Passport to Good Security - Identify the Threats: consider threats from across the full spectrum of physical, personnel and people, and cyber, and how these threats might evolve over time.
Passport to Good Security - Adopt a Risk Management Approach: provide a framework to help you specify how you will manage the identified threats or risks to your most critical assets.
How will you embed the desired security behaviours and culture in your organisation?
Access NPSA’s tools and resources that can support you as you look to improve your security culture
An effective security culture is an essential component of an organisation’s protective security regime. Learn more about security culture and how effective leadership can shape the security culture of your organisation.
The Security Industry Authority (SIA) has launched the Stay Safe, Tell Security campaign, urging the public and businesses to remain vigilant and report any unusual activity to nearby licensed security operatives or the police.
Get started here with an overview of security culture and why it’s important.
Security-Mindedness is about encouraging business leaders, managers and practitioners to consider security across all areas of your organisations
This guidance is for users of shared workspaces and provides practical advice tailored to your workspace and activities
This guidance is designed to help workspace providers provide the safety and collaboration that your users seek.
This guidance helps you to recognise suspicious adverts and recruiter behaviours and understand how you can protect yourself and your organisation by reporting concerns and ceasing engagement if something doesn’t look right
Guidance aimed at Users and Providers of shared workspaces, offices, coworking spaces and laboratories to encourage basic security practices and enhance your security awareness
Protected Procurement is guidance for businesses and organisations to help embed security across supply chains and to protect from supply chain attacks. Created in partnership with CIPS
Guidance for business who are also suppliers on how to develop and improve their security profile. This aims to encourage suppliers to see security as part of their competitive edge.
Guidance on supply chain resilience or the security of supply. Aims to help businesses and organisations to anticipate, prepare and adaptively respond to prevent disruption to supply chains.
High level guidance for senior business leaders on protecting business from supply chain attacks. This aims to empower to prioritise and resource supply chain security.
Guidance for those practitioners responsible for implementing supply chain security within organisations. Suitable for procurement professionals, commercial teams, security professionals, and others.
Information on how open and shared data relates to a Security-Minded approach.
Guidance on how to take a security-minded approach to Digital Engineering, Technologies, Projects and Initiatives
A key purpose of connected places, also known as smart cities, also known as is to join up specific vertical sectors across organisational boundaries into a whole-city approach for the creation, delivery and use of city spaces and services
Guidance on how to take a Security-Minded approach to Digital Engineering, Technologies, Projects and Initiatives