Download a Secure by Design preparation checklist
This template is designed to help public sector organisations assess whether they are currently meeting the Secure by Design policy requirements.
It should be completed by those responsible for driving the adoption of Secure by Design across your organisation. Outcomes of the assessment should be discussed with accountable senior leaders, such as your Chief Digital and Information Officer (CDIO), to secure their backing for making any necessary improvements.
Select your preferred format
The template can be adjusted to meet the needs of your organisation.
The Secure by Design preparation checklist template is currently in alpha. Your feedback will help us to improve it.
How to use the Secure by Design preparation checklist
Before using this checklist you should read the Secure by Design approach so you can understand the policy, principles and recommended activities for implementation.
The template includes separate sheets where you can assess your organisation’s current status related to the required and recommended elements of Secure by Design:
- Principles Checklist – assess current practices against the Secure By Design policy, mapped to the core principles and their underlying requirements
- Activities Checklist – review whether the organisation is currently applying the best practice Secure By Design activities
- Implementation Checklist – log which milestones have been met during the preparation and transition phases
Each sheet includes an ‘Assessment Status’ where you can indicate the current status ranging from ‘Not Started’ to ‘Assessed – Met’. The ‘Progress Dashboard’ tab allows you to view the current status of all items across each checklist.
For items that have been assessed, there is an option to add a ‘Maturity Level’ where you can rate the current working practices or capabilities:
- Initial – unstructured and undocumented with limited formal processes
- Managed – planned and documented to allow a consistent approach
- Defined – described in standards, procedures and tools so they are well understood
- Measured – monitored and controlled using quantitative statistics and other analytics techniques
- Optimising – continuously improved based on data and feedback
Include any evidence of meeting criteria or additional information related to identified gaps within the columns provided.