Security policy framework

The standards, best practice guidelines and approaches that are required to protect UK government assets.



The security policy framework describes the standards, best-practice guidelines and approaches that are required to protect UK government assets (people, information and infrastructure). 

It focuses on the outcomes that are required to achieve a proportionate and risk-managed approach to security that enables government business to function effectively, safely and securely.

Published 1 April 2013
Last updated 7 July 2014 + show all updates
  1. Contractual process document updated.
  2. Added 'Contractual process - forms' document.
  3. Added HTML version of the Security Policy Framework.
  4. Updated (April 2014) Security Policy Framework published; 'Understanding the Security Policy Framework' removed as it related to the old version of the Framework.
  5. The following documents have been updated with the latest (April 2014) versions: HMG Baseline Personnel Security Standard (previous update: Oct 2013) HMG Security Policy Framework (previous update: Oct 2013) Contractual process (previous update: April 2013) Industrial security: departmental responsibilities (previous update: April 2013) Security requirements for list x contractors (previous update: April 2013)
  6. Updated HMG Security Policy Framework and associated documents with October versions
  7. Added 'Supplier Assurance Framework' - a good practice guide for departments.
  8. First published.