The UK Government has released an updated version of the Security Policy Framework (version 7) which reflects changing opinions on the best way to manage security risks within Government.

The primary change with this new release is that the Mandatory Requirements have reduced from 68 in the previous version to 20 in the current version. The Security Policies have also reduced to 4 (from 5) with Business Continuity being removed as an independent policy and merged with the others (principally, Security Policy 1 Governance).

As this is a fairly significant change, we will look to updating our SPF Compliance Audit Checklist (currently available in our downloads section) in the very near future.