Table of contents

Infrastructure System Accreditation

Legacy information

Note: This document is Legacy IA Policy material. It is under review and likely to be withdrawn or substantially revised soon. Before using this content for a project, contact

Note: This document might refer to several organisations, information sources, or terms that have been replaced or updated, as follows:


Accreditation is the formal, independent assessment of an IT system or service against its Information Assurance (IA) requirements.

The Ministry of Justice (MoJ) Accreditation Framework explains how accreditation forms part of the wider Information Risk Management strategy, is owned by the business owners of the system, and is implemented in a proportionate, pragmatic, and cost-effective manner. The framework includes information about who is involved in accreditation, their roles and responsibilities, and the stages of accreditation and risk assessment.

Accreditation must be considered for any system that handles information relating to MoJ business or MoJ customers.


If you have any questions or comments about this guidance, such as suggestions for improvements, please contact: