Safeguarding and cyber

Join safeguarding governance to technical assurance

Filtering, monitoring and cyber security cannot be delegated to a product alone. Governors, leaders, the DSL and IT support need clear responsibilities and evidence that controls work.

Tier 1 national authorityReviewed 2026-07-16By Lee Farrell

01

Review at least annually

Current DfE guidance calls for filtering and monitoring review that reflects the population, technology use, risks and incidents. SEND, off-site use, BYOD and generative AI can affect the required approach.

  • Assign responsibilities.
  • Record what is blocked and monitored.
  • Test alert escalation.
  • Check on-site and off-site behaviour.
  • Document actions and outcomes.

02

Make cyber organisational

The DfE cyber standard treats resilience as shared responsibility. Review governance, accounts, patching, backups, incident response, logging and supplier ownership.

03

Demand mapped evidence

Ask suppliers to map their service to school requirements and relevant standards. A generic compliance statement is not enough without configuration, reporting and exception detail.

Accountability

Sources and evidence

  1. Filtering and monitoring: core standardDepartment for Education. Governance, review and technical expectations for filtering and monitoring.
  2. Cyber security: core standardDepartment for Education. Cyber-governance and resilience expectations for schools and colleges.
  3. IT supportDepartment for Education. Expectations for planning, commissioning and reviewing education IT support.