Skip to main content
Legacy System Register

Alpha This is a new service – your feedback will help us build it.

Terms of Service

Last updated on 5 February 2026.

These terms apply to the way you use the Legacy System Register. You accept our terms of use when you sign in to the service.

Signing in to the Legacy System Register

You must sign in to the Legacy System Register using a work or corporate email address. Your email account must be protected by multi-factor authentication (MFA). When you open emails sent by the Legacy System Register, you should only do this from a work-managed device.

Only approved users may access this service; self-registration is not permitted. If you believe you should have access, contact your departmental or organisational lead.

Granting access to other users

If you have permissions to manage other user accounts, you must only grant access to staff of your department or organisation, or contracted suppliers for the purposes of requesting information or completing assessments. It is your responsibility for who has access to view recorded data for your department or organisation. Any users who have left their position or otherwise do not require access to this service should be removed.

You must report all security or access concerns to the system administrators, whose contact details can be found on the help page.

Acceptable Use

For security, compliance, and maintenance purposes, authorised personnel may monitor and audit your use of this service and the associated systems and network traffic.

For Admin, Organisation Admin and Organisation User roles:

The information displayed by this service has been classified as OFFICIAL-SENSITIVE and your adherence to these terms is required to protect the need to know.

You are responsible for exercising good judgment regarding appropriate use of this service in accordance with Civil Service / your organisation's policies, standards, and guidelines. Civil Service resources may not be used for any unlawful or prohibited purpose. As a user you are personally responsible for acting within the Data Protection Act 2018, the Official Secrets Act 1989 and protecting commercial confidentialities (including those of HMG).

Access to this service is solely for the purposes of carrying out your official duties. Use of the data for any other reason is a violation of this policy and the Civil Service Code.

You are responsible for the security of data, accounts, and systems under your control. You must keep the email messages containing access links to this Service, and any associated authentication codes, secure and not share these with anyone, including other staff members, family, or friends. Providing access to another individual, either deliberately or through failure to secure authentication credentials, is a violation of these terms.

You must only access this service from a device that is managed by your department / organisation, which may include desktop, laptop, and smartphone and tablet devices, so as to avoid compromising authentication credentials or the information viewed. Devices must be managed in accordance with The Minimum Cyber Security Standard.

When accessing the service, you must only do this from networks that you trust, such as your organisation’s office network, your home Wi-Fi network, GovWi-Fi or your mobile provider’s data service (i.e. 4G, 5G etc.). Do not use untrusted public Wi-Fi hotspots such as those found in coffee shops, airports and hotels as these may compromise your communications.

You must remain vigilant for 'shoulder-surfing' at all times and it is recommended that you employ screen privacy filters when accessing the service in the vicinity of members of the public.

Always lock your device’s screen before leaving it unattended for any period of time. Ensure you sign out of the service and close your internet browser when you have finished using the service.

You are required to inform your organisation’s Cyber Security team and the service administrator immediately if you suspect that the security of your device, your mobile phone, your emails or the service access links have been compromised.

You are required to inform the service administrator immediately if you leave or change your role and no longer require access to this service.

This service is intended for use by authorised users from specified government departments, public sector bodies, partner organisations and selected suppliers only. Prior permission must be sought from the service administrator and relevant source department contacts before disclosing service information with any other parties.