The Cabinet Office maintains protective security policies for government.
This includes the Security Policy Framework which provides central internal protective security policy and risk management for government departments and associated bodies. It is the source on which all localised security policies should be based.
The framework was made publicly available for the first time in December 2008; however, it has clearly been necessary to restrict access to some technical and procedural material on security grounds. Whilst security policies will differ according to the range of risks faced by each organisation, the framework sets out the minimum security requirements. The framework also provides technical information, advice and guidance to support implementation of the policy requirements.