Government security

This series brings together all documents relating to government security.

The Cabinet Office maintains protective security policies for government.

This includes the security policy framework which provides central internal protective security policy and risk management for all government departments, associated bodies and partners handling government information. It is the source on which all localised security policies should be based.

The framework was made publicly available for the first time in December 2008; however, it has been necessary to restrict access to some technical and procedural material on security grounds. While security policies will differ according to the range of risks faced by each organisation, the framework sets out a range of mandatory security outcomes. The framework also provides technical information, advice and guidance to support implementation of the policy requirements.

Government Functional Standard GovS 007: Security

Security policy framework

The framework describes how government organisations and third parties handling government information and other assets will apply protective security. This will ensure that government can function effectively, efficiently and securely.

Security policy framework supporting documents

Personnel security controls

Personnel security and national security vetting policies and how the processes work.

Government security classifications

The government began using new and simpler security classifications from 2 April 2014.

International security classifications

Industrial security

Industrial security is applying measures to ensure that contractors protect government classified information in pre-contract negotiations and throughout the life-cycle of a classified contract.

Published 1 April 2013
Last updated 27 May 2021 + show all updates
  1. Addition of - Industry Personnel Security Assurance: Policy and Guidance.

  2. Addition of Government Functional Standard GovS 007: Security.

  3. Added 'Government Security:Roles and Responsibilities' to collection.

  4. Added The Minimum Cyber Security Standard.

  5. Update to International Security Classifications group

  6. Added advice on national security vetting for people who are vetted.

  7. Added 'National security vetting: advice for staff'

  8. Added 'Recruiting for vacancies requiring National Security Vetting clearance'.

  9. Added sub-sections for security classifications.

  10. First published.