Connecting to NTL Cyber Governance…
Programme Dashboard
Northern Trains Limited · 2026–2027
Live
⬤ Official-Sensitive
Programme Health
Team Workload
CE Theme Distribution
Risk Snapshot
Recent Activity

CAF Annual Returns

i

NIS Directive / CAF 4.0 annual self-assessment. Rate each in-scope system against all 16 CAF objectives. Submit to DfT annually.

Systems Outside NTL NIS Scope (Network Rail Responsibility)
Not in scope: GSM-R · Signalling & Control Systems (trackside) · TRUST (Train Running System) · National Rail Enquiries · Any trackside or operational railway infrastructure
All of the above are Network Rail's NIS responsibility. NTL receives data from these systems but does not own or operate them.

Department Register

NIS classification · System ownership · Cyber governance owner

Reference register of all NTL departments, their NIS scope classification, who owns their systems and who governs cyber for each.

DepartmentNIS ClassificationAccountable Executive System Ownership (delivers)Cyber Governance (governs) NTL-Owned SystemsRisk Level

Project Tracker

Evidence Library

Index of evidence for each governance task. Records document name, SharePoint path, date filed and CAF objective reference.

Task IDQuarterEvidence TypeDocument Name Storage Location (SharePoint path)Date FiledOwnerCAF Ref

Workload Planner

Governance activities only · No technical delivery included

Quarter-by-quarter task distribution showing workload balance across the team.

QuarterTotalQ TasksS TasksA Tasks AmeliaJoshManagerCE Theme FocusBalanceRAG

Help & Knowledge Base

NTL Cyber Governance · Guidance for the whole team

Comprehensive guidance on every area of the governance programme — regulatory context, what good looks like, and worked examples.

Report Generator

Training & Awareness Tracker

Owner: Amelia · CAF Objective B6 evidence · Updated quarterly

Track per-department completion rates for all awareness training and phishing simulations.

◈ SECTION A — MANDATORY AWARENESS TRAINING COMPLETIONi
⚠ SECTION B — PHISHING SIMULATION RESULTSi
RefQuarterScenario IT OpsControlFinanceRetail HRStationsProcurement Avg Click %Follow-up Training?Notes
No phishing simulations logged yet.
IDQuarterThemeDeliverableAssignedStatusProgressFreqLast Updated

Risk Register

i
5×5 Risk Matrix — Current Position
Numbered dots = current risk position. Appetite: GREEN only (score ≤4)
Risk Appetite

NTL's risk appetite is LOW. Only GREEN-zone risks (score ≤4) are within appetite.

1–4 — Within appetite. Monitor and maintain.
5–9 — Manage actively. Steering Group agenda item.
10+ — Escalate immediately. Board notification.
Risk Register

Policy Register

Supplier Assurance

i

SOC Management

Owner: Josh (Technical Governance) · Reviewed: Monthly

24/7 Security Operations Centre relationship management · KPIs · Escalations · SLA tracking

◈ SECTION A — MONTHLY KPI SCORECARDi Updated monthly by Josh
Month Alerts Total True Positives False Positives MTTD (mins) MTTR (mins) SLA Met? RAG Notes
No KPI data yet. Click + Log Month to add the first month.
⚠ SECTION B — ESCALATION LOGi Log every escalation from SOC to NTL cyber team
RefDate / TimeSeverity DescriptionEscalated To SOC Response TimeNTL Action TakenStatus
No escalations logged. Use the button above to log an escalation.
◷ SECTION C — MONTHLY REVIEW MEETINGS Josh chairs · Cyber Security Manager attends quarterly
DateAttendeesKey Topics / Actions Open ActionsMinutes Filed?RAG
No meetings logged yet.
≡ SECTION D — SLA & CONTRACT REFERENCE Update from contract — keep current
P1 Response SLA
minutes
P2 Response SLA
minutes
Uptime SLA
%
SLA reference not yet configured. Click Edit SLA to populate from your contract.

Incident Log

i
RefDateSeverityTitleDepartmentHow DetectedNIS Notify?StatusLogged By

Audit Trail

Every change recorded with user and timestamp
RefTitleAssigned PriorityDue DateStatus Roadmap RefLast Updated
0
Total
0
In Progress
0
Overdue
0
Complete
Governance Roadmap task
BAU task
Type Ref Quarter Theme Task Priority Status Progress Last Updated
Guidance

Help