The IT Law Wiki


The CESG (formerly the "Communications and Electronic Security Group") is the U.K. Government's National Technical Authority for Information Assurance, responsible for enabling secure and trusted knowledge sharing to help entities achieve their business aims. It provides advice and assistance on the security of communications and electronic data and delivers information assurance policy, services and advice that government and other customers need to protect vital information services.

CESG aims to protect and promote the vital interests of the UK by providing advice and assistance on the security of communications and electronic data. To do this CESG provides information assurance policies, services and advice to government and other customers. This includes:

Technical advice:


  • production of system security documentation, such as system security policy (SSP) and security operations procedures (SyOPs);
  • advice on sources and status of technical documentation; and
  • verbal and written feedback on technical documentation.

Other services include providing:

As part of U.K. Government’s drive to improve the culture of security throughout the public sector, CESG is working as part of a team that is looking at making policy and guidance documentation more widely available. Much of the existing documentation is neither relevant to, nor written in appropriate language for, the wider public sector. The aim of this work is to understand the information assurance needs of the wider public sector and to tailor existing policy and guidance documents to this community.