PART 2The National Framework
The NIS national strategy2
1
A Minister of the Crown must designate and publish a strategy to provide strategic objectives and priorities on the security of network and information systems in the United Kingdom (“the NIS national strategy”).
2
The strategic objectives and priorities set out in the NIS national strategy must be aimed at achieving and maintaining a high level of security of network and information systems in—
a
the sectors specified in column 1 of the table in Schedule 1 (“the relevant sectors”); and
b
digital services.
3
The NIS national strategy may be published in such form and manner as the Minister considers appropriate.
4
The NIS national strategy may be reviewed by the Minister at any time and, if it is revised following such a review, the Minister must designate and publish a revised NIS national strategy as soon as reasonably practicable following that review.
5
The NIS national strategy must, in particular, address the following matters—
a
the regulatory measures and enforcement framework to secure the objectives and priorities of the strategy;
b
the roles and responsibilities of the key persons responsible for implementing the strategy;
c
the measures relating to preparedness, response and recovery, including cooperation between public and private sectors;
d
education, awareness-raising and training programmes relating to the strategy;
e
research and development plans relating to the strategy;
f
a risk assessment plan identifying any risks; and
g
a list of the persons involved in the implementation of the strategy.
F16
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7
Before publishing the NIS national strategy F2..., the Minister may redact any part of it which relates to national security.
8
In this regulation “a Minister of the Crown” has the same meaning as in section 8(1) of the Ministers of the Crown Act 1975 M1.