Good practice guidelines

A key CPNI objective is to promote best practice among operators of the national infrastructure. This reflects our commitment to information sharing.

One of the most important ways of improving technical standards - and increasing protection against electronic attack - is by looking at the experience of others and drawing from their lessons. Guidance can also be enhanced by the findings of research work, as well as the general day-to-day experiences of professionals in the field.

In this section you will see links to guidelines produced by our experts, in collaboration with, for example, members of Information Exchanges.

The Border Gateway Protocol Filtering Guidelines (pdf) are designed to improve the robustness of systems. The Telecommunications Resilience paper (pdf) carries four key recommendations, and is aimed at helping organisations understand why resilience is an issue and what needs to be done to mitigate the risks. Process control and SCADA Security (pdf) highlights good practice for securing industrial process control, automation and supervisory control and data acquisition (SCADA) systems.

Most recent good practice guidelines

• How to protect Information Assets from theft and exfiltration by Third Parties and Contractors
• Risk assessment for personnel security - a guide (PDF)
• Personnel security - threats, challenges and measures.
• Document verification guidance (PDF - 1.72MB)
• Good Practice Webmail
• Process Control and SCADA Security Guide 7. Establish ongoing governance
• Process Control and SCADA Security Guide 6. Engage projects
• Process Control and SCADA Security Guide 5. Manage third party risk
• Process Control and SCADA Security Guide 4. Improve awareness and skills
• Process Control and SCADA Security Guide 3. Establish response capabilities

Click here to view all guidelines »