The UK Police Digital Services - PDS ( link resides outside ibm.com) department sets the central standards and controls for law enforcement agencies across the country that are assessing the risk of moving police information systems to the cloud.
The information assurance policy requires that all national police services in the UK that store and process protectively marked or other sensitive law enforcement information take an extra step in their risk assessment—a physical inspection of the data center where their data will be stored. A successful data center assessment determines that the facility qualifies for Police Assured Secure Facilities (PASF). PASF is based on a standard set of controls covering physical and environmental security and processes like high availability, staff training and onboarding and offboarding procedures.
Police and law enforcement agencies in the UK can contact the PDS to obtain the IBM Cloud® PASF report.
IBM Cloud has successfully met the PASF procedural and physical security requirements for official-sensitive data. This comprehensive assessment included physical, environmental and availability controls of the data centers.