Framework hub
Cyber Essentials
NCSC (UK)
UK government baseline certificate: five essential security controls and best practices against common online threats.
HLD Group maintains policies and controls mapped to this framework as part of our security and compliance programme. This hub describes programme alignment — not a third-party certification or attestation unless separately agreed in your contract.
Programme focus areas
- Firewalls
- Secure configuration
- Access control
- Malware protection
- Patch management
Policies meeting this framework
The following published policies and programme documents are mapped to Cyber Essentials. Status: published and under periodic review.
- Information security policyPublished
Enterprise information security programme and control framework.
v3.0 · review every 365 days
- Password & authentication policyPublished
Password complexity, MFA, and credential management.
v2.0 · review every 180 days
- Access control policyPublished
Granting, reviewing, and revoking access to systems and data.
v2.0 · review every 180 days
- Incident response planPublished
Detecting, responding to, and recovering from security incidents.
v3.0 · review every 180 days
- Change management policyPublished
Managing changes to systems, infrastructure, and applications.
v2.2 · review every 365 days
Assurance note
Programme alignment means HLD maintains controls, policies, and monitoring mapped to Cyber Essentials requirements appropriate to our services and risk profile. It does not by itself constitute certification, authorization, or a SOC/ISO audit report. Customers requiring formal attestations should contact [email protected].