scope:

This standard applies to Network Rail regions, routes, directorates, employees, contractors, and sub-contractors. The SeMS applies to people, processes and technology delivering services of any kind, to or on behalf of Network Rail and encompasses people, digital systems and applications, physical infrastructure assets, management, maintenance, programme and project delivery and operational activities. 

Purpose 

This standard defines the control framework for security at Network Rail. 

It describes the organisational structure, accountabilities, responsibilities, requirements, and procedures required to enable effective security governance, risk management and continuous improvement to provide assurance to board level that security measures are effective.

This standard provides the overarching framework for security and references several other documents and standards that together deliver an effective Security Management System.