NALC publishes new IT policy template to support parish and town councils in meeting governance standards

We're pleased to introduce our new IT Policy, designed to help parish and town councils meet the requirements set out in paragraph 1.54 of the proper practices. Compliance with this requirement is tested under Assertion 10 of the Annual Governance Statement (Section 1 of the Annual Governance and Accountability Return).

Paragraph 1.54 of the Practitioners' Guide 2025 states: "All smaller authorities (excluding parish meetings) must also have an IT policy. This explains how everyone — clerks, members and other staff — should conduct authority business in a secure and legal way when using IT equipment and software. This relates to the use of authority-owned and personal equipment."

The new IT policy helps parish and town councils set clear expectations for the appropriate use of IT equipment and systems, raise awareness of potential risks associated with IT use, safeguard the council's data and digital assets, clarify what constitutes acceptable and unacceptable use, and outline the consequences of policy breaches.

Having a robust IT policy isn't just about compliance. It's about good governance and digital resilience. By adopting and tailoring this template, parish and town councils can demonstrate their commitment to data protection and cybersecurity, ensure that councillors and council staff use technology responsibly and lawfully, reduce the risk of data loss, misuse, or security breaches, and show transparency and accountability through the AGAR.

The template includes optional sections that can be easily adapted to reflect the specific needs of each council. By putting this policy in place, parish and town councils can be confident they are meeting governance standards, protecting information, and strengthening public trust.