Corporate report

SCP06 NDA estate cyber incident reporting and response policy

This document sets out the policy for the reporting of, and response to, cyber incidents originating in, or impacting on, the NDA's estate.


SCP06 NDA estate cyber incident reporting and response policy Rev2

This file may not be suitable for users of assistive technology. Request an accessible format.

If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email Please tell us what format you need. It will help us if you say what assistive technology you use.


This document is intended to assist with the identification of cyber incidents, and the reporting of them to the appropriate authorities.

Whilst responsibility for responding to cyber incidents within the NDA lies with duty holders, any incident in one part of the estate could impact on others and so this policy also aims to ensure that risk owners across the estate have the information that they require to protect themselves from comparable attacks. Equally, this policy also aims to identify the processes by which NDA, and the rest of the estate, might render assistance to each other in the event of a cyber incident.

Published 12 August 2016