Consultation outcome

Control of data: proposed new text for the codes of practice and conduct

This consultation has concluded

Detail of outcome

All the responses to the consultation were taken into account when redrafting this document. The final version is published as FSR Regulatory Notice 02/2020.

Original consultation


Views were sought on potential new text for the Control of Data section of the Regulator's codes of practice and conduct.

This consultation ran from

Consultation description

A recent cyber security issue that significantly affected a forensic science provider has raised the question of whether the community requires more specific requirements covering the range of possible types of IT security.

The National Cyber Security Centre (NCSC) was asked to consider what specific requirements could be considered for future versions of the codes.

The Regulator asks that all forensic science providers of any size, review their IT security, as informed by the text in annex A of the attached report, to:

  • determine and address weaknesses
  • identify and feedback on any significant practical challenges to implementation


Advice from the National Cyber Security Centre on potential new text for the Control of Data section of the Regulator’s codes of practice and conduct

This file may not be suitable for users of assistive technology.

Request an accessible format.
If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email Please tell us what format you need. It will help us if you say what assistive technology you use.
Published 14 August 2019
Last updated 3 August 2020 + show all updates
  1. Final outcome of the consultation added.

  2. First published.