Source · Select Committees · Public Accounts Committee

24th Report - Government cyber resilience

Public Accounts Committee HC 643 Published 9 May 2025

Report Status

Government responded

Conclusions & Recommendations

35 items (15 recs)

Source

View on Parliament website ↗

Government Response

AI assessment · 34 of 35 classified

Accepted 30

Accepted in Part 1

Deferred 3

Recommendations

1 result

23 Accepted in Part

GovAssure not designed to assess all critical systems despite improvement goals.

Recommendation

We asked the Cabinet Office how it would increase the scale and pace of GovAssure to assess the cyber resilience of all of government’s critical systems. The Cabinet Office explained that it did not plan to assess 100% 43 C&AG’s … Read more

Government Response Summary

The government agrees to the recommendation, aiming for implementation by Spring 2026, and commits to requiring departments to identify and report critical systems through GovAssure, driving its adoption across government, and determining optimal assessment scale and frequency. However, it does not explicitly detail how GovAssure will be made quicker and easier for departments.

HM Treasury

View Details →