SCIF FAQ's

1. What is a secure compartmented facility? 
   A purpose-built, tightly controlled space for handling Sensitive Compartmented Information (SCI). It combines physical, acoustic and technical protections so conversations, digital processing and stored material can’t be overheard, intercepted or removed without detection. These spaces are formally accredited before use and are monitored throughout their lifecycle.
   
   
2. What is a “SCIF room”?
   A single secure room (or part of a suite) accredited for highly sensitive activity. NPSA’s secure-room guidance covers purpose, design, construction and assurance principles.
   
   
3. Is the Oval Office a SCIF?
   The White House Situation Room is the well-known accredited secure complex; the Oval Office itself is not typically treated as the primary SCI space. Sensitive briefings that require SCI handling are conducted in accredited rooms such as the Situation Room.
   
   
4. What do they look like?
   From the outside, SCIFs resemble a normal office; the protection is in the envelope and systems; acoustic treatment, inspected penetrations, certified doorsets/locks and intrusion detection, implemented per NPSA guidance, with TEMPEST/EMSEC controls where risk requires.
   
   
5. Government vs Military use
   The concept is the same: central government, the Armed Forces and vetted suppliers use accredited secure areas when there is a need-to-know for highly sensitive material.
   
   
6. What’s a mobile or tented facility?
   A temporary/deployable secure area (container, trailer or tent) built and operated to the same UK risk and technical standards for the period of use, including acoustic and EMSEC controls as required.
   
   
7. How do these SCIFs work?
   They layer controls: NPSA-compliant physical security (perimeter, doors/walls/ceilings, alarms), acoustic security/speech privacy to defeat overhearing, technical security (UK NACE TSCM practices), and EMSEC/TEMPEST per NCSC with NATO SDIP alignment where applicable.
   
   
8. How much do they cost?
   There is no public tariff in the UK. Cost depends on risk, size, acoustic target, EMSEC category (e.g., SDIP-27 level), assurance/testing and site constraints. SPF requires a proportionate, risk-managed approach, budget only after a formal threat/risk assessment and design development with accredited specialists.
   
   
9. Who sets the construction and security rules?
   HMG’s Security Policy Framework sets outcomes and accountability; NPSA publishes physical/personnel protective-security guidance; NCSC runs the UK TEMPEST/EMSEC scheme and policy; UK NACE is the authority for technical (counter-eavesdropping) security. If hosting NATO/ally information, apply the relevant SDIP TEMPEST standards alongside UK requirements.
   
   
10. Who accredits facilities in the UK?
    There is no single public accreditor. The owning department sponsors and approves the facility against Security Policy Framework outcomes, taking advice from NPSA (physical), UK NACE (technical security) and NCSC (TEMPEST). Defence projects also follow MoD JSP policy where applicable.
    
    
11. Who uses these areas?
    Government departments, the Armed Forces, the intelligence community and vetted contractors with a need-to-know. Access is controlled through UK personnel security (BPSS, SC, DV) and briefings for any caveats (e.g., NATO COSMIC).
    
    
12. What’s permitted inside?
    Only what the local SOP and risk assessment allow. NPSA advises zoning policies to exclude mobile tech from particularly sensitive areas; any government-managed devices admitted must be risk-assessed, configured and controlled.
    
    
13. Are Portable electronic devices (PEDs) permitted?
    Personal PEDs (mobiles, wearables, wireless earbuds, etc.) are normally kept out of sensitive zones. Where a business need exists, departments must apply mitigations and written authorisation; EMSEC risks are addressed through NCSC TEMPEST policy and UK NACE technical-security measures.
    
    
14. Are windows allowed?
    Yes, if the risk assessment supports it and mitigations are built in (e.g., non-opening secure glazing, acoustic treatment, blinds/films, blast performance where relevant). Treat glazing as part of the secure envelope and evidence the performance at assurance.
    
    
15. What devices are allowed?
    Yes, if the risk assessment supports it and mitigations are built in (e.g., non-opening secure glazing, acoustic treatment, blinds/films, blast performance where relevant). Treat glazing as part of the secure envelope and evidence the performance at assurance.
    
    Wireless personal devices are not admitted to sensitive zones by default. Medically necessary exceptions require a recorded risk assessment, technical mitigations (from UK NACE/NCSC guidance) and written approval.
    
    
16. Is “open storage” allowed?
    Only if your accredited secure working area is expressly approved for that mode after risk assessment; otherwise, material is kept in approved containers within the secure area. Use NPSA secure-room guidance and departmental SOPs to evidence the approach.

Compliance & Accreditation

What is a SCIF?

Design & Construction Services

Leasing & Finance Models

Lease vs. Buy

Does my business need a SCIF?

Ask a Member of our Expert Team

Have more questions regarding SCIFs - or need advice and support for planning your own Secure Compartmented Information Facility? Our team is on hand to answer your questions and share the technical insight we have to ensure you meet your project requirements.

Request a callback from a member of our technical team to get dedicated one-to-one consultancy for your SCIF requirements.