Guidance

Industry Security Notice (ISN)

A list of Industry Security Notices (ISNs) for defence personnel to highlight security changes or information.

Documents

Security Aspects Letters and Contractual Security Conditions

The National Security Act 2023

The National Security Act 2023 - Annex A

Advance publication of DEFSTAN 05-138 (Issue 4)

Secure by Design Requirements

Publication of revised Government Security Classifications Policy

Request an accessible format.
If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email ddc-modinternet@mod.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

National Security Vetting and Social Networking Sites

Release of JSP 440 to Industry

Request an accessible format.
If you use assistive technology (such as a screen reader) and need a version of this document in a more accessible format, please email ddc-modinternet@mod.gov.uk. Please tell us what format you need. It will help us if you say what assistive technology you use.

Business Continuity and Resilience

Industry Personnel Security Assurance

Encryption of MODII at rest

DART: risk balance case process

Defence Trade Cooperation Treaty (DTCT)

Defence Trade Cooperation Treaty (DTCT): application form

Details

A Industry Security Notice (ISN) is an official document that tells people in industry about important instructions, guidance or other information relating to security.

Important notice

  • ‘ISN 2014/04 Farnborough International Air Show 2014: exhibition clearances’ has been removed
  • ‘ISN 2014/01: Government Security Classification Scheme’ updated April 2014
  • ‘ISN 2011/05 Defence & Security Equipment International (DSEi) 2011: exhibition clearances’ has been removed
  • ‘ISN 2011/02: incident report’ has been superseded by ‘2011/07: incident reporting’
  • ‘ISN 2011/03: Nato personnel security clearances’ has been superseded by ‘2014/03: Procedure for UK contractors to obtain Nato personnel security clearances’

Updates to this page

Published 7 September 2010
Last updated 2124 AugustSeptember 2024 + show all updates
  1. 'Security Aspects Letters and Contractual Security Conditions' updated.

  2. Added: Security Aspects Letters and Contractual Security Conditions.

  3. Added: 'Changes to the MOD Form 680 process to incorporate US ITAR'.

  4. Added 'UK-Australia arrangements for the handling and transmission of Defence Classified Information'.

  5. Added 'Cloud security control requirements for handling Official MOD Information'.

  6. Updated 'Security Aspects Letters and Contractual Security Conditions'.

  7. Updated The National Security Act 2023 and annex A, Security Aspects Letters and Contractual Security Conditions and Subcontracting or Collaborating on Classified UK MOD Programmes.

  8. Added: Advance publication of DEFSTAN 05-138 (Issue 4).

  9. Added: The National Security Act 2023.

  10. Added 'Arrangements for the Handling and Transmission of Classified and Protected Information Concerning the Canadian Surface Combatant Frigate and UK Type 26 Frigate' and 'Arrangements for the Handling and Transmission of Defence Classified Information Concerning the Australian Hunter Class Frigate and UK Type 26 Frigate'.

  11. Removed 'Definition of MOD Identifiable Information', superseded by existing policy.

  12. Removed 'Definition of MOD Identifiable Information'.

  13. Added 'Retention of documents following conclusion/termination of a UK MOD contract'.

  14. Added 'Network Gas Supply Emergency (NGSE) Priority Listing Category B application for Defence Industry'.

  15. Updated 'Security Aspects Letters and Contractual Security Conditions'.

  16. Added: 'Requirement for defence contractors to report all security incidents affecting defence-related classified material to the MOD' ISN 2023/11, and 'Security Aspects Letters and Contractual Security Conditions' ISN 2023/12.

  17. Removal of ISNs: 2022/07, superseded by 2023/05. 2020/06, superseded by existing policy. 2017/03, superseded by 2023/05. 2017/01, superseded by 2023/10. 2016/04, no longer current. 2016/03, no longer current. 2015/04, no longer current. 2015/02, superseded by existing policy. 2015/01, superseded by existing policy. 2011/04, superseded by existing policy. 2011/01, superseded by 2022/06. 2010/03, superseded by existing policy. 2010/01, superseded by existing policy.

  18. Added: Arrangements for the registration and assurance of supplier systems processing MOD information.

  19. Updated 'Secure by Design Requirements'.

  20. Updated 'Security Aspects Letters and Contractual Security Conditions'.

  21. Added: 'Publication of revised Government Security Classifications Policy'

  22. Updated: Subcontracting or Collaborating on Classified UK MOD Programmes

  23. Added: 'Requirement for defence contractors to report all security incidents affecting defence-related classified material to the MOD', ISN 2023/05.

  24. Added: ISN 2023/04 Electronic Movement of OFFICIAL-SENSITIVE MOD Identifiable Information.

  25. 'Control and procedures for effective system patching and update' updated.

  26. Added 'MOD Facility Security Clearance (FSC) policy and guidance for UK Defence contractors and MOD Contracting Authorities'.

  27. Updated ISN 2023/01 'Security Aspects Letters and Contractual Security Conditions'.

  28. 'Security Aspects Letters and Contractual Security Conditions' added.

  29. Added 'Control and procedures for effective system patching and update'.

  30. 'Ongoing Personnel Security Requirements for Defence Contractors – Aftercare Responsibilities' updated.

  31. 'Ongoing personnel security requirements for defence contractors - aftercare responsibilities' updated.

  32. 'Electronic Movement of OFFICIAL-SENSITIVE MOD Information' updated.

  33. Updated Electronic Movement of OFFICIAL-SENSITIVE MOD Information.

  34. Updated 'Clarification on requirements for remote working with MOD material'.

  35. Updated ISN Clarification on requirements for remote working with MOD material.

  36. Added: Industry Security Notice: Requirement to report security incidents affecting MOD material to the MOD. Removed: ISN 2011/07 (Incident Reporting).

  37. Removed as the content contained within all of these ISNs has been superseded by new policy and guidance: Update to the Defence Cyber Protection Partnership’s (DCPP) Risk Assessment and Supplier Assurance Questionnaires, Introduction of Verify to the cyber security model and risk management guidance, Requirement to report security incidents affecting MOD material to the MOD, Defence industry WARP CANNEL state notification, MOD basic grade messaging (email) address routing changes, MOD implementation of cyber essentials scheme, Government security classification scheme: update, Government Security Classification Scheme, Government Security Classification Scheme (updated April 2014), Industry Supplier Guidance on DEFCON 658 (Flow - Down) – Amended.

  38. Added ISN Electronic Movement of OFFICIAL-SENSITIVE MOD Information and ISN Subcontracting or Collaborating on Classified UK MOD Programmes.

  39. Added Industry Security Notice: Defence Industry WARP Change of Ownership and Contact Details.

  40. Added National Security Vetting and Social Networking Sites ISN 2022/06.

  41. Addition of 'Release of JSP 440 to Industry'.

  42. Added: Secure by Design Requirements.

  43. Added ISN 2022/04: Design Requirements.

  44. Added: Arrangements for the Handling and Transmission of Classified and Protected Information Concerning the Canadian Surface Combatant Frigate and UK Type 26 Frigate.

  45. Added: Business Continuity and Resilience

  46. Added: Personnel Security Requirements – Aftercare Responsibilities Related to Providing Accommodation to Foreign Nationals.

  47. Added: Industry Supplier Guidance on DEFCON 658 (Flow - Down) – Amended.

  48. Addition of: Cyber Security Model – Interim Process in support of DEFCON 658.

  49. Addition of: Industry Personnel Security Assurance.

  50. Updated: ISN Encryption Of MODII At Rest.

  51. Added: Compliance with Cyber Security Requirements from Other Nations and Encryption Of MODII At Rest.

  52. Added: Advice on completing the 2021 United Kingdom Census.

  53. Added: Exchange of Classified Information with the European Union.

  54. Addition of: Canada/UK industrial security arrangement - Arrangements for the Handling and Transmission of Classified and Protected Information.

  55. Addition of: ISN Supplier Guidance on renewal of the Supplier Assurance Questionnaire under DEFCON 658 (Cyber).

  56. Addition of: List V - Industry Personnel Security Assurance.

  57. Addition of: Encryption Of MODII At Rest.

  58. Industry security notice regarding cyber security model and cyber essentials plus certification during COVID-19 isolation added.

  59. Added the Clarification on requirements for remote working with MOD material, ISN 2020/01.

  60. Added Update to the Defence Cyber Protection Partnership’s (DCPP) Risk Assessment and Supplier Assurance Questionnaires.

  61. Updated Australia-UK security arrangement: Arrangements for the handling and transmission of defence classified information which has been amended.

  62. Added: Australia-UK Security Arrangement: Arrangements for the Handling and Transmission of Defence Classified Information

  63. Added Ongoing personnel security requirements for defence contractors - Aftercare responsibilities.

  64. Updated Interpretation of US DFARS clauses in relation to CDI and cyber reporting.

  65. Added Interpretation of US DFARS Clauses in relation to CDI and Cyber Reporting (ISN 2018/04).

  66. Added Introduction of Verify to the Cyber Security Model and Risk Management Guidance.

  67. Added Encryption of removable storage media holding MOD data ISN.

  68. Added ISN 01/18 DART – Risk Balance Case Process.

  69. Added Release of UK OFFICIAL-SENSITIVE and equivalent third party classified material to foreign non-government recipients.

  70. Added Encryption of removable storage media holding MOD data.

  71. Added ISN 03/2017: Requirement to report security incidents affecting MOD material to the MOD

  72. Added Industry supplier guidance on DEFCON 658 (ISN 2017/06) that replaces an earlier version of the guide (ISN 2017/05).

  73. Added Industry supplier guidance on DEFCON 658 (flow-down) ISN 2017/05.

  74. Added industry supplier guidance on DEFCON 658 (cyber).

  75. Added ISN 2017/02 Defence industry WARP CANNEL state notification

  76. Added MOD ICT security accreditation and the defence assurance risk tool (DART).

  77. Updated: Definition of MOD Identifiable Information

  78. Added: Definition of MOD Identifiable Information

  79. Added ISN 2016/04 key email address changes for the Ministry of Defence

  80. Added new ISN 2016/03.

  81. Added new Industry security notice ISN 2016/02.

  82. Added ISN 2016/01.

  83. Added ISN 2015/05.

  84. Added new ISN 2015/04.

  85. Removed out of date notices.

  86. Added ISN 2015/03: Guidance on Security Technology at OFFICIAL.

  87. Added ISN 2015/02: Introduction of the electronic private venture security grading and exhibition clearance processes on SPIRE.

  88. Replaced ISN 2015-01 Marking of MOD Commercial Information with amended version.

  89. Added ISN 2015/01: Marking of MOD commercial information.

  90. Added new ISN 2014/06

  91. Added ISN 2014/05.

  92. Added ISN 2014/04: Farnborough International Air Show 2014: exhibition clearances

  93. Replaced Government Security Classification Scheme with the updated April 2014 file.

  94. Removed 2011/03 which was superseded by 2014/03. Added 2014/02 and 2014/03.

  95. Added ISN 2014/01: Government Security Classification Scheme

  96. First published.

Sign up for emails or print this page