Guidance

Using this guidance collection

Updated 10 July 2023

© Crown copyright 2023

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/secure-connected-places-smart-cities-guidance-collection/secure-connected-places-smart-cities-guidance-collection

Who is this collection for?

This guidance collection is for organisations responsible for the design, procurement, implementation and management of connected places technology throughout its life cycle, as well as organisations using the resulting data to deliver local services.

The start of each section identifies which broad role type each category of guidance is likely to be most relevant to. However, each organisation has its own unique structures and depending on the approach of your organisation to managing your connected place, this guidance may be applicable to multiple individuals. We encourage you to review each page as well as consider who in your organisation might benefit from reviewing which guidance. The role types include:

  • Organisation leadership: the senior leadership and decision makers within an organisation that need to have a broad overview of the principles of security relating to connected places.
  • Connected places project lead/manager: individuals responsible for the delivery and management of an organisation's connected places strategy or a specific connected place project. We envisage that this role type will include those individuals responsible for your organisation's procurement of connected place technology and information protection. There might be multiple individuals across a number of business areas that may fulfil this role on a project and some guidance may be more or less relevant to their responsibilities. We would encourage each of them to review the guidance rather than relying on a single individual. It is important that these individuals have a strong overview of the available guidance so they can ensure the right questions are asked of, for example, IT professionals responsible for the technical implementation.
  • IT professional and cyber security leads: individuals with a more technical background, responsible for the design and implementation of a connected place system. This also includes individuals who have oversight of the cyber security of their organisation.
  • Information managers, processors and users: Individuals who are responsible for processing, managing, using and sharing the information that is generated by connected place technologies.

How to use this guidance

Each connected place is different and its own unique security requirements. The guidance should therefore be interpreted and applied in line with your connected place's specific context. Similarly, the maturity of connected places across the UK differs. You may be at the early stages of your connected place journey or your thinking might be more developed. We encourage you to return to the collection as your connected place evolves and develops.

The collection will be regularly updated when new guidance is produced or updated. Please revisit the collection regularly to ensure you are following the most up-to-date guidance. Should you need any further support or technical guidance, key contacts are listed on the landing page under ‘Further Support’.

Back to top