Table of contents

Infrastructure System Accreditation

Legacy information

Note: This document is Legacy IA Policy material. It is under review and likely to be withdrawn or substantially revised soon. Before using this content for a project, contact security@justice.gov.uk.

Note: This document might refer to several organisations, information sources, or terms that have been replaced or updated, as follows:

Summary

Accreditation is the formal, independent assessment of an IT system or service against its Information Assurance (IA) requirements.

The Ministry of Justice (MoJ) Accreditation Framework explains how accreditation forms part of the wider Information Risk Management strategy, is owned by the business owners of the system, and is implemented in a proportionate, pragmatic, and cost-effective manner. The framework includes information about who is involved in accreditation, their roles and responsibilities, and the stages of accreditation and risk assessment.

Accreditation must be considered for any system that handles information relating to MoJ business or MoJ customers.

Contact and Feedback

For any further questions or advice relating to security, or for any feedback or suggestions for improvement, contact: security@justice.gov.uk.