The National Policing Information Risk Management Team (NPIRMT) of the UK Home Office (the ministry responsible for security, immigration, and law and order) is charged with ensuring that the storage of and access to police information meet its standards. Through the National Policing Information Risk Management Policy, it sets the central standards and controls for law enforcement agencies across the UK that are assessing the risk of moving police information systems to the cloud.
The policy requires that all national police services in the UK that store and process protectively marked or other sensitive information take an extra step in their risk assessment: a physical inspection of the datacentre /offices where their data will be stored. The successful assessment of a datacentre determines that it is PASF.
This PASF specifically assesses the InfoSec controls for the delivery of development and support services to the Neighbourhood Alert website from the VISAV LTD Nottingham offices. And the co-location of the Neighbourhood Alert website servers at Space Data Centre (Nottingham)
Both audits were conducted by the Lincolnshire Police Information Management Unit 20/09/22 and were successfully completed.
As part of the recommendations following PASF a full ITHC was undertaken including an external web application penetration test by a CREST approved provider