Information security guidance for construction joint ventures

Best practice guidance published to support businesses with data sharing requirements in construction projects

The National Cyber Security Centre (NCSC) has published new sectoral guidance on the holistic security approach joint ventures should adopt to protect any sensitive information they manage. The guidance is a collaborative effort between the construction sector and government organisations, and provides advice for construction businesses on how to secure information for joint ventures.

Modern construction programme delivery and the data sharing requirements are becoming increasingly complex. Techniques and processes such as Building Information Modelling (BIM) require data to be shared at the right time, in the right format, to the right third party and always with the right focus on security. This is why it's so important to set up a good foundation for information governance before the joint venture commences.

The guidance provides a set of non-mandatory recommendations for ensuring information security in joint ventures, together with details of how recommendations might best be implemented. At a high level, its main requirements are that security is represented at joint venture board level, and that individuals responsible for information security from a personnel, physical and cyber security perspective understand and address the specific challenges that joint ventures face.

Download Joint Ventures in the Construction Sector: Information Security Best Practice Guidelines (PDF, 1.48MB).

First published 24 August 2022