Cyber Assessment Framework for Local Government

Local Digital is supporting councils in England to assess and improve their cyber posture, in line with the ambitions set out in the Government Cyber Security Strategy 2022-2030.

In late 2022 we conducted a 4-month pilot with 10 councils in England to explore how the NCSC’s Cyber Assessment Framework (CAF) could be used to identify and manage cyber risks across the sector.

The Cyber Assessment Framework (CAF) for Local Government pilot was our first step in understanding how a cyber security baseline for local government might work.

Read our findings from pilot

In our CAF for Local Government report, you can read about:

  • how we conducted the pilot
  • what we’ve learned so far
  • what we plan to do during the next phase of this work

Download the CAF for Local Government report (PDF version).

You can also download an Open Document Format version of the report.

What happens now

While we feel confident that the CAF and the local government profile is the right approach for the sector, we plan to continue working closely with the local government sector in England to design and develop cyber security policy.

We’re encouraging councils to familiarise themselves with the CAF and start thinking about how they would apply it within their organisation.

If you’re interested in receiving an introduction to the CAF, the workbook template, and guidance from DLUHC, email

To follow our progress, subscribe to the Local Digital newsletter or follow us on Twitter or LinkedIn.

Read more about our work