The Single Company Exercise (SCE) has been designed so that SIMEX’s value could be extended to as wide a range of firms as possible. SCE has been produced to allow any firm, but especially smaller firms without specific exercising experience or expertise, to deliver an effective internal exercise. The materials are based on a severe but plausible scenario and can be used to exercise a range of capabilities and test important business services.

To provide a mechanism for firms, FMI and industry groups to coordinate, share information, and ensure the sector can respond effectively to significant operational incidents. Contains schematic overview of all response groups of the sector, their role and invocation procedures and links to other groups to support collaborative cross-sector engagement.

Guidance to the UK financial sector to aid the process of resuming business and safely reconnecting an organisation that has been technically quarantined after suffering a material cyber incident.

Common definitions of critical GBP retail payments to support prioritisation across the sector during severe but plausible operational disruption.

Sector learnings from the Log4j incident to optimise the approaches undertaken by larger firms and support capability building across the wider sector.

Guidance in conjunction with the NCSC on managing third party information security to minimise the risk that an inconsistent or outdated approach leaves the sector more vulnerable to attacks.

Common definitions of critical GBP wholesale payments to support prioritisation across the sector during severe but plausible operational disruption.

Best practice approach in which data is captured and reused in response to malicious data destruction events using a cloud hosted data vault.

A cloud framework to support consistent adoption of controls and practices across shared accountability models between FS firms and Cloud Services Providers.