NTL Cyber Governance

Programme Health

Team Workload

CE Theme Distribution

Risk Snapshot

Recent Activity

CAF Annual Returns

NIS Directive / CAF 4.0 annual self-assessment. Rate each in-scope system against all 16 CAF objectives. Submit to DfT annually.

Systems Outside NTL NIS Scope (Network Rail Responsibility)

Not in scope: GSM-R · Signalling & Control Systems (trackside) · TRUST (Train Running System) · National Rail Enquiries · Any trackside or operational railway infrastructure

All of the above are Network Rail's NIS responsibility. NTL receives data from these systems but does not own or operate them.

Department Register

NIS classification · System ownership · Cyber governance owner

Reference register of all NTL departments, their NIS scope classification, who owns their systems and who governs cyber for each.

Department	NIS Classification	Accountable Executive	System Ownership (delivers)	Cyber Governance (governs)	NTL-Owned Systems	Risk Level

Project Tracker

Evidence Library

Index of evidence for each governance task. Records document name, SharePoint path, date filed and CAF objective reference.

Task ID	Quarter	Evidence Type	Document Name	Storage Location (SharePoint path)	Date Filed	Owner	CAF Ref

Workload Planner

Governance activities only · No technical delivery included

Quarter-by-quarter task distribution showing workload balance across the team.

Quarter	Total	Q Tasks	S Tasks	A Tasks	Amelia	Josh	Manager	CE Theme Focus	Balance	RAG

Help & Knowledge Base

NTL Cyber Governance · Guidance for the whole team

Comprehensive guidance on every area of the governance programme — regulatory context, what good looks like, and worked examples.

Report Generator

Training & Awareness Tracker

Owner: Amelia · CAF Objective B6 evidence · Updated quarterly

Track per-department completion rates for all awareness training and phishing simulations.

◈ SECTION A — MANDATORY AWARENESS TRAINING COMPLETIONi

⚠ SECTION B — PHISHING SIMULATION RESULTSi

Ref	Quarter	Scenario	IT Ops	Control	Finance	Retail	HR	Stations	Procurement	Avg Click %	Follow-up Training?	Notes
No phishing simulations logged yet.

ID	Quarter	Theme	Deliverable	Assigned	Status	Progress	Freq	Last Updated

Risk Register

5×5 Risk Matrix — Current Position

Numbered dots = current risk position. Appetite: GREEN only (score ≤4)

Risk Appetite

NTL's risk appetite is LOW. Only GREEN-zone risks (score ≤4) are within appetite.

1–4 — Within appetite. Monitor and maintain.

5–9 — Manage actively. Steering Group agenda item.

10+ — Escalate immediately. Board notification.

Risk Register

Policy Register

Supplier Assurance

SOC Management

Owner: Josh (Technical Governance) · Reviewed: Monthly

24/7 Security Operations Centre relationship management · KPIs · Escalations · SLA tracking

◈ SECTION A — MONTHLY KPI SCORECARDi Updated monthly by Josh

Month	Alerts Total	True Positives	False Positives	MTTD (mins)	MTTR (mins)	SLA Met?	RAG	Notes
No KPI data yet. Click + Log Month to add the first month.

⚠ SECTION B — ESCALATION LOGi Log every escalation from SOC to NTL cyber team

Ref	Date / Time	Severity	Description	Escalated To	SOC Response Time	NTL Action Taken	Status
No escalations logged. Use the button above to log an escalation.

◷ SECTION C — MONTHLY REVIEW MEETINGS Josh chairs · Cyber Security Manager attends quarterly

Date	Attendees	Key Topics / Actions	Open Actions	Minutes Filed?	RAG
No meetings logged yet.

≡ SECTION D — SLA & CONTRACT REFERENCE Update from contract — keep current

P1 Response SLA

—

minutes

P2 Response SLA

—

minutes

Uptime SLA

—

SLA reference not yet configured. Click Edit SLA to populate from your contract.

Incident Log

Ref	Date	Severity	Title	Department	How Detected	NIS Notify?	Status	Logged By

Audit Trail

Every change recorded with user and timestamp

Ref	Title	Assigned	Priority	Due Date	Status	Roadmap Ref	Last Updated

Total

In Progress

Overdue

Complete

Governance Roadmap task

BAU task

Type	Ref	Quarter	Theme	Task	Priority	Status	Progress	Last Updated