This is a list of links to Cyber related regulations, framework & guidance related to OT. In no particular order and up to date as of June 2026.
NCSC Cyber Assessment Framework (CAF) – The CAF is primarily designed for organisations operating essential services, in sectors such as energy, healthcare, transport, digital infrastructure and government.
- Cyber Assessment Framework | National Cyber Security Centre
- https://www.ncsc.gov.uk/sites/default/files/documents/NCSC-Cyber-Assessment-Framework-4.0.pdf
Network and Information Systems (NIS)
- The NIS Regulations 2018 – GOV.UK
- The Network and Information Systems Regulations 2018
- NIS2 Directive: securing network and information systems | Shaping Europe’s digital future – (EU)
- Cyber Security and Resilience Policy Statement to strengthen regulation of critical sectors | National Cyber Security Centre
- Cyber Security and Resilience Bill – GOV.UK
Ofgem
- NIS Directive and NIS Regulations 2018: Ofgem guidance for Operators of Essential Services | Ofgem
- RIIO-2 Cyber Resilience Guidelines | Ofgem
- Energy sector cyber security strategy – GOV.UK
- Futureproofing cyber regulation | Ofgem
Health and Safety Executive (HSE) – OG 0086
