What policies do we need to have in place to complete the Data Security and Protection Toolkit?

You must have some particular policies in place such as a Data Protection Policy, in order to get to at least Approaching Standards on the DSPT. You need to have additional policies and arrangements in place in order to reach Standards Met.

There is no set number of how many policies your organisation has to have on these topics as the different sizes and complexity of organisations means that some will have one all-encompassing policy, whilst others may have multiple policies.

We have provided template policies which you can download and adapt to suit your own organisation. You can access them here.