What is the role of CDA and how does it help my project?

CDA (The Cyber Design Authority) is empowered by, and operates as a sub-group of, the Architecture Board with devolved responsibility for:

  • Commissioning and approving the development of: Architectural Principles, Policies, Standards and Patterns for Cyber Security, which are clearly aligned to the desired business outcomes of NHS Digital and the Digital Delivery Board (the internal DSC (Data Security Centre) CDA team will develop these);
  • Collaborating with other Design Authority Boards to ensure that coherent and cohesive Enterprise Architecture, Architectural Principles, Policies, Strategies and Standards are maintained;
  • Supporting programmes/stakeholders wishing to build or augment new national capabilities to understand the agreed Enterprise Architecture from a security perspective;
  • Ensuring that there is no duplication and conflicting development work relating to national capabilities across the wider NHS Digital programme portfolio with regard to cyber security;
  • Discussing and promoting innovations that could augment existing national cyber security capabilities;
  • Acting as an escalation point for issues that affect cyber security national capabilities and the wider enterprise architecture.

What is the scope of CDA?

  • Programmes and initiatives overseen by the Digital Delivery Board;
  • Other programmes being delivered by NHS Digital;
  • As instructed, other programmes being delivered across national Health and Social Care bodies where the focus is on national capability or where there is a clear interface between national and local capabilities.

Who do I contact for more information?

Secretariat: Bridget Greenwood

The Architecture Board and its sub-group’s decisions are updated by the secretariat here

All queries regarding the decisions should be directed to cybersecurity@nhs.net

Take me to the documents…

The Architecture Governance Boards Template library