Government Classification Scheme
The Government Security Classification (GSC) system has three levels: Official, Secret, and Top Secret.
The GSC was issued by the Cabinet Office in 2018: https://www.gov.uk/government/publications/government-security-classifications
This is the majority of information that is created or processed by the public sector.
Includes routine business operations and services, some of which could have damaging consequences if lost, stolen, or published in the media, but which are not subject to a heightened threat profile.
This classification applies to the vast majority of government information including general administration, public safety, criminal justice, and law enforcement, and reflects the fact that reasonable measures need to be taken to look after it and to comply with relevant legislation such as the Data Protection Act, Freedom of Information Act, and Public Records Acts.
A limited amount of information is particularly sensitive, but still comes within Official if it is not subject to the threat sources for which Secret is designed, even if its loss or compromise could have severely damaging consequences. The need to know principle shall be rigorously enforced for this information, particularly where it might be shared outside of a routine or well understood business process. There are very few activities where all related information or cases require the Official-Sensitive marking, though this might apply to assets previously marked as
CONFIDENTIAL. Across a range of information assets which were previously normally marked as
RESTRICTED, there might be individual cases/instances which are more sensitive (some of which might be marked
CONFIDENTIAL on an individual basis). This more sensitive information is identified by adding ‘Sensitive’, and must therefore be marked ‘Official-Sensitive’. This marking alerts users to the enhanced level of risk and that additional controls are required.
Very sensitive information that justifies heightened protective measures to defend against determined or highly capability threats.
Where compromise might seriously damage military capabilities, international relations or the investigation of serious organised crime.
Use of Secret shall only be used where there is a high impact and a sophisticated or determined threat (elements of serious and organised crime, and some state actors):
- Classified material received from Other Government Departments (OGDs) or agencies relating to national security and counter-terrorism.
- Intelligence and investigations relating to individuals of interests to security agencies.
- Information that might seriously damage security and intelligence operations.
- Information affecting the ability to investigate or prosecute serious or organised crime.
- Personal/case details where there is a specific threat to the life or liberty of an individual such as protected witness scheme records.
The concept of sophisticated or heightened threat doesn’t only apply to those with a high technical (IT) attack capability, but might apply to criminals who have a developed capability to intimidate or coerce individuals. If disclosure of information might result in serious physical harm or put a life at risk because there is a real and highly capable threat present, the information shall be tightly controlled. Secret shall not become the default status for material just because of the type of case or potentially severe consequences such as murder trials, or where there is a threat to life. The threat capability shall also be present.
HMG’s most sensitive information, requiring the highest levels of protection from the most serious threats.
Where compromise might cause widespread loss of life or else threaten the security or economic wellbeing of the country or friendly nations.
This classification remains for information of the highest sensitivity relating to national security and subject to highly capable threat sources. There is no change to controls at this level. Any business area holding or expecting to hold information at this level shall contact the Departmental Security Officer to agree controls.
Applying the classification system
The following considerations apply:
- Staff and delivery partners are responsible for ensuring that all information is looked after with care, to enable the business to function as well as meeting privacy needs.
- The majority of MoJ and wider government information will fall into the Official tier; there is a significant step up to Secret and Top Secret which are essential for national security and the very highest threat areas.
- Official provides for a general and sufficient level of control of information (including for systems holding such information) which is not subject to heightened threat sources. Within this, there is flexibility to apply additional operational controls to reflect sensitivity.
- In most areas of MoJ activity at Official, staff should continue to follow existing business instructions and procedures for handling information that apply to those activities. Such instructions should include provisions for identifying and dealing with more sensitive cases.
- The ‘Working with Official information’ desk aid and handling rules should be referred to when receiving, handling or creating information in any format, which is not routine or covered by general processes or instructions.
- Material at Official does not require a marking to be applied, but must be protected in accordance with the handling rules and any local instructions. However, information assessed to be particularly sensitive must be marked Official-Sensitive, giving a clear warning that strict control of access and special handling apply (see below).
- Staff are expected to comply with local instructions and minimum controls, but need to exercise common sense in situations where applying a control is not possible or would seriously hinder effective business or safety. In all but the most urgent cases, seek approval from your manager or the Information Asset Owner before adopting lesser controls. Decisions must be risk based, and the assessment must be recorded at the earliest convenient opportunity.
- Existing material with former protective markings including
RESTRICTEDdoes not need to be retrospectively reclassified. See the transition note in this guidance.
- Descriptors, such as
COMMERCIALare no longer used. In exceptional circumstances or where the recipient might not recognise the sensitivity of the information being sent, authors may include ‘handling instructions’ in a document or email to draw attention to particular requirements.
- The security officer for your part of the MoJ should be consulted to agree controls if you receive,handle or otherwise process any information at Secret or Top Secret.
At Official, any local instructions or operating procedures should continue to be followed. These should assist staff in identifying any cases that require the Official-Sensitive marking.
This guidance note and the desk aid entitled “Working with Official information” provide some general rules. You might also need to refer to local intranet pages or the handling rules if creating or processing any non-routine material.
Controls should be consistent with the minimum controls set out in the Handling Rules. These must be applied to all information within Official and are adequate for most information, providing defence against the sort of threats faced by a major company. These threats include, but are not limited to, ‘hacktivists’, single issue pressure groups, investigative journalists, competent individual hackers, potentially aggrieved participants or users of the justice system, and the majority of criminal individuals and groups.
Business areas or Information Asset Owners (IAOs) should review risks to their information, and ensure local procedures are in place, adopting additional controls where needed.
The Handling Rules document identifies additional considerations for some aspects of control. Business areas or IAOs might decide to adopt more robust controls in these areas, particularly for material marked Official-Sensitive or where information is moved, transmitted or otherwise communicated outside of the secure office environment.
Controls should be applied proportionately for information which would previously have been ‘unclassified’. Such information still needs looking after if it is required for the job, but might not require controls designed to provide confidentiality.
If IAOs or staff are considering classifying any new assets or reclassifying any existing assets as Secret or Top Secret, they should consult their IA lead and security adviser, or with MoJ security in relation to technical threats, to determine whether a heightened threat might be present, and to agree necessary controls.
Marking of information
Marking is only needed for information which is Official-Sensitive, Secret or Top Secret. Classifications can be added to information in many different ways but the most important thing is that the marking is clearly visible to anyone using or receiving the information.
This could mean:
- Marking the top and bottom of documents, clearly, in
CENTREDin the header and footer.
- Showing the marking in the subject line of emails:
- Type Official-Sensitive at the start of the subject line, in
- Remember to consider whether material that is sensitive needs to be sent, and whether it is safe or appropriate to send if the recipient is outside a secure government network.
- You must not email anything at Secret or above.
- Type Official-Sensitive at the start of the subject line, in
- Marking the front of folders or binders:
- Apply clearly in a prominent position in
- Apply the highest classification of any of the contents.
- Apply clearly in a prominent position in
Material that needs marking must be transmitted securely. The classification of contents must not be visible on an external envelope sent by post or courier.
Transition to the classification system
For information bearing the ‘old’ markings, the following guidance should be followed to ensure appropriate handling. Unless there are specific instructions to the contrary, staff are expected to maintain current levels of control and use existing IT systems on which information is currently held or processed.
The old protective markings do not automatically read across, particularly at
- All material up to and including
- Much material at
CONFIDENTIALbecomes Official, but some might become Secret.
- Only a limited amount of material at
RESTRICTEDneeds marking as Official-Sensitive.
CONFIDENTIALmaterial moving into Official is likely to require marking as Official-Sensitive.
|Old marking||New classification||Examples|
||Treat as Official (unmarked). Where controls prevent otherwise safe sharing of non-sensitive information, IAOs have some discretion to relax controls, provided any relaxations are specific to their assets and have no wider risk consequences, such as for the security of IT assets and government network code of connection.||Public notices and leaflets, published information, information that doesn’t contain personal data or other sensitive content, and training materials.|
||If information relates to general administration, treat as Official (unmarked). Where used for personal data, maintain existing controls. Individual case records containing particularly sensitive content need to be marked Official-Sensitive, though these instances may already be marked
||Documents containing personal data such as personnel records, citizen or offender case records, and general administration not intended for publication.|
||If it relates to general administration, there should be a presumption that it can be treated as Official (unmarked).||General administration, policy documents, commercial documents, or case records.|
|You need to consider whether the subject matter is particularly sensitive and there is a need to rigorously enforce access controls, in which case material may additionally require handling or marking as Official-Sensitive. Anything with this level of sensitivity might already have agreed handling constraints. If in doubt, discuss with the Information Asset Owner.||Particularly sensitive case records, contentious policy drafts and advice, and sensitive negotiations.|
||Check with the author or originating Department. The presumption should be to treat as Official-Sensitive and continue with current handling controls, unless there is a clear national security aspect or it relates to protected witnesses, in which case treat as Secret. If you want to reproduce content in an electronic document, check the classification with the author or originating Department. See the note after the table.|
||Continue to observe the operating instructions for the system you are using. Continue to use the secure government network for any reply, and use the marking applied by the original author. Otherwise, adopt controls for Official-Sensitive. See the note after the table.|
|Secret.||Continue to treat as Secret, subject to any formal review of the classification of the information assets involved in the particular area of activity. If hard copy, treat as Secret and log, store, move and dispose of accordingly. If held on a stand-alone system currently rated at Secret, treat as Secret and observe the operating controls for the system.||Material relating to national security or counter-terrorism, and some protected witnesses.|
Note: Electronic records marked
CONFIDENTIAL should not be processed or saved on the MoJ existing standard networks such as DOM1 or Quantum, or on electronic document management systems unless or until the originator or Information Asset Owner has issued revised guidance allowing the information to be handled at Official, including Official-Sensitive, and the system has been rated to hold material at Official, with any additional access controls, or the system reclassified as Secret.
For any further questions or advice relating to security, contact: email@example.com.
If you have any questions or comments about this guidance, such as suggestions for improvements, please contact: firstname.lastname@example.org.