Your web browser does not appear to have javascript enabled.

The Data Security and Protection Toolkit requires javascript to be enabled.

If you are unable to re-instate the javascript option on your browser please contact us and we will be able to help.

Assertions and Evidence items for the Data Security and Protection Toolkit 2024-25 version 7 (21 October 2024)

Key facts and assertions and evidence items for the Data Security and Protection Toolkit 2024-25 (version 7). Updated spreadsheet version for Category 2 organisations.

The Assertions and Evidence items for the 2024-25 V7 Data Security and Protection Toolkit have now been agreed.

The deadline for the Data Security and Protection Toolkit is 30th June 2025.

NHS Trusts, ALBs, CSUs and ICBs will view a new interface aligned to the NCSC Cyber Assessment Framework.

The work to incorporate the Assertions and Evidence items into the Data Security and Protection Toolkit with the updated assurance framework (audit guide) and Big Picture Guides is complete.

Downloadable copies of the Assertions and Evidence items for the 2024-25 Data Security and Protection Toolkit are available here for IT Suppliers, organisations that are an OES Independent Provider under the Network and Information Systems, Dentists, GPs, Local Authorities, Opticians, Others, Pharmacy, Social care and Universities.

Outcome and Indicators of good practice in a spreadsheet form are available here for NHS Trusts, ALBs, CSUs and ICBs.

Change Log

8th October 2024 amendment to spreadsheet for large NHS organisations to correct IGP wording on B4.a and B5.b.
21st October 2024 amendment to spreadsheet for IT Suppliers and OES Independent Providers to update tooltip for 9.4.5 to clarify how to upload DSPT Audit.

Supporting Documents

DSPT Version7_24-25_Dentist_GP_IT-Supplier_LA_OES_Optician_Other_Pharmacy_Social-Care_Uni.xlsx (75.5KB)

DSPT_v7 24-25 in a spreadsheet for NHS Trusts-ALBs-ICBs-CSUs.xlsx (88.7KB)