We have developed a range of template policies and resources to help you to improve how you keep information safe.
These resources can help you to meet your obligations on data security and protection – and to complete the Data Security and Protection Toolkit (DSPT).
You must have some particular policies in place, whereas others are optional. We have provided template policies which you can adapt to suit your own organisation.
There is no set number of how many policies your organisation has to have on these topics as the different sizes and complexity of organisations means that some will have one all-encompassing policy, whilst others may have multiple policies. The important thing is that you have them – and that you follow them.
You may call your policies different things to what we have called them, for example you might call your data protection policy an information governance policy or GDPR policy.
You must have the following policies in place in order to reach Approaching Standards on the DSPT.
You must have these additional policies in place, in order to move beyond Approaching Standards and get to Standards Met on the DSPT. And remember, you can only publish at Approaching Standards once. So you will need to have these policies in place if you are reviewing and republishing your DSPT.
In addition to the required policies, we also recommend that you consider having the following in place.
You may also find the following related guidance and resources useful.
The following external websites also provide very valuable information on data protection and cyber security.
To help us improve this website, we’d like to know more about your visit today.
Please leave any feedback below :