What is the RPA, and how can a school use it to protect against cyber threats?

Posted on 29 September 2022, by Nelson Ody, Product Manager Cyber Security
What is the RPA, and how can a school use it to protect against cyber threats?

Schools need to protect many different stakeholders and assets from unexpected events. Schools also have statutory duties, like any employer, to hold appropriate liability cover. Since September 2014 there has been an alternative to traditional commercial types of insurance cover, uniquely for schools.

Called the risk protection arrangement (RPA), it was introduced following the publication of independent analysis which showed that it would be cheaper for academy trusts if the UK government covered risks instead of commercial insurers. From 1 April 2020, the scheme expanded so local authority maintained schools were able to join.

RPA aims to protect schools against losses due to any unforeseen and unexpected event. Under RPA, where losses occur, they are covered by the UK government.

Schools classified as public sector schools can join the RPA. By September 2021 over 8,500 schools were members of the scheme. The cost of joining is based on the number of pupils in a member school, it is currently £21 per pupil per year.

Cover is comparable to that offered by a commercial insurance policy. Categories of cover include:

  • Employers’ liability
  • Third part liability
  • Governor liability
  • Professional indemnity
  • Damage to school property
  • Travel in the UK and overseas
  • Legal expenses
  • Business interruption

Cover for cyber threats

Following a 500-school pilot scheme, cover for cyber security incidents has been added to the threats covered.

To allow more schools to be eligible, and able to take advantage of the cover on offer from the RPA, at the end of the pilot the DfE changed the criteria. Cyber cover is now included if a school meets the following four conditions:

  1. Have offline backups.
  2. All employees or governors who have access to the RPA Member’s information technology system must undertake National Cyber Security Centre (NCSC) Cyber Security Training.
  3. Register with Police CyberAlarm.
  4. Have a Cyber Response Plan in place.

We have written blogs on backups, training, response plans and Police CyberAlarm to give you more information on how to meet the individual criteria.

Full details of the RPA are on the DfE website.

We have published blog pieces on the other elements of the RPA cyber protection. They cover:




Categories: Safety and security

Share this post
Categories
back to top button
back to top button


Back to top

Registered office: 142B Park Drive, Milton Park, Milton, Abingdon, Oxfordshire, OX14 4SE

Tel: +44 (0)1235 645 316   

Schools technology

Education technology from RM

Support services

School modernisation

Broadband for schools

Web filtering for schools

School management software

Classroom devices and hardware

Schools technology case studies

Schools technology blog

Contact us

Digital assessment

Assessment from RM

Create and deliver

Collect, collate and mark

Results and feedback

Assessment case studies

Assessment blog

Contact us

About us

About RM

Terms and conditions

Events

Newsroom

Buying frameworks

Customers

Log into your RM account

Support portal

RM plc

Investor relations

Careers

TTS UK

TTS International

Consortium

RM India

Group contact details

Policy

RM and cookies

Privacy

GDPR

Gender pay report

Tax strategy

Anti-slavery statement

Code of business conduct

Equality, diversity and inclusion

Environmental policy

Group carbon reduction plan

© RM 1997 - 2023