Supporting NHS CAF Alignment Through Thales Solutions and Expertise
How Thales Supports the NHS to Implement the Cybersecurity Assessment Framework
The Cybersecurity Assessment Framework (CAF) is the UK National Cyber Security Centre’s (NCSC) comprehensive, outcome-based tool for evaluating how effectively organisations – especially those running critical infrastructure or essential services – manage cyber risk. As of 2025, the Data Security and Protection Toolkit (DSPT) is aligned with the Cybersecurity Assessment Framework (CAF). DSPT continues to exist but has evolved to reflect CAF principles, ensuring stronger, outcome-based assessment while retaining familiar NHS processes
Thales can help NHS organisations align with the CAF by addressing cybersecurity requirements and automating security, reducing the burden on security and compliance teams.