Guidance

Cyber Security Model: cyber risk profiles’ requirements

Cyber Security Model information about the proportionate security controls to be implemented and evidence to be submitted as part of all MOD contracts.

• From: Ministry of Defence
• Published: 24 March 2015
• Last updated: 24 July 2020 — See all updates

Documents

DCPP requirements: not applicable

HTML

DCPP requirements: 'Very Low' cyber risk profile

HTML

DCPP requirements: 'Low' cyber risk profile

HTML

DCPP requirements: 'Moderate' cyber risk profile

HTML

DCPP requirements: 'High' cyber risk profile

HTML

Details

Requirements from DEFSTAN 05-138 providing guidance on the controls to be implemented to ensure suppliers comply with the appropriate cyber risk profile.

Published 24 March 2015
Last updated 24 July 2020 + show all updates

1. 24 July 2020

   Updated Cyber Risk Profile documents for Very Low, Low, Moderate and High.

2. 22 June 2016

   Added link to: Defence Cyber Protection Partnership: your questions answered

3. 19 April 2016

   Added link to Defence Cyber Protection Partnership: resource guide.

4. 9 February 2016

   Added updated 'Implementation of Cyber Essential Scheme: your questions answered' document

5. 23 December 2015

   Added document for Implementation of Cyber Essential Scheme: Your questions answered

6. 25 August 2015

   Added updated Cyber Risk Profiles: Requirements, Evidence and Guidance document and overview text.

7. 24 March 2015

   First published.