KCSIE: Key Changes Checklist

Keeping Children Safe in Education (KCSIE) is not the kind of document you can skim once, file away, and hope it never comes up again. In England, it is the statutory safeguarding guidance for schools and colleges. It shapes what staff training must cover, what policies need to say, how governors and trustees should challenge, and what inspection and audit conversations tend to focus on. When KCSIE updates, even small wording changes can create real tasks: a policy line that no longer matches the guidance, a training slide that now misses a risk area, or a gap in how you evidence oversight.

KCSIE 2025 came into force on 1 September 2025. The Department for Education describes the updates as largely technical, but the practical effect for settings is still meaningful. The 2025 version strengthens and clarifies online safety language (including misinformation, disinformation and conspiracy theories), adds links and tools connected to filtering and monitoring, points leaders towards generative AI safety expectations, reinforces attendance as a safeguarding issue, and clarifies expectations for alternative provision oversight. 

This guide is written for headteachers, DSLs and DDSLs, safeguarding teams, trust leaders and governors who want a fast-to-apply action list. It is designed so you can work through it with your safeguarding team, tick off tasks, and produce the ‘we have done this’ evidence that governors, audits and inspection conversations often look for.

Throughout, you will see links to official and reputable resources, such as the DfE’s Keeping children safe in education (2025) page, the KCSIE 2025 PDF, and practical tools like Plan technology for your school.

KCSIE 2025 Key Changes Summary

The simplest way to understand KCSIE 2025 is this: Part One stayed the same, while Part Two and supporting annexes gained clearer signposts and sharper wording in a few high-risk areas. Annex F is the quickest reference point because it lists the changes from the September 2024 version and explains why they were made. 

What changed, in plain language:

• Preventative education and RSHE: KCSIE notes the revised RSHE guidance published in July 2025 for introduction from September 2026, which matters because it affects curriculum planning and staff confidence when pupils raise sensitive topics. 
• Online safety language: The ‘content’ risks under the 4Cs now explicitly include misinformation, disinformation (including fake news) and conspiracy theories, so settings can treat these as safeguarding harms rather than ‘just internet drama’. 
• Filtering and monitoring: KCSIE links to a DfE self-assessment service so schools can check themselves against the filtering and monitoring standards and evidence an annual review. 
• Generative AI: KCSIE points schools to DfE guidance and product safety expectations, reinforcing that online safety controls still apply when pupils and staff use AI tools. 
• Alternative provision: KCSIE clarifies expectations for written checks, knowing where pupils are during school hours, and reviewing placements at least half-termly.
• Attendance as safeguarding: KCSIE clarifies that “Working together to improve school attendance” is statutory guidance, reinforcing the safeguarding link between absence and risk. 
• Virtual School Heads and kinship care: KCSIE clarifies the virtual school head signposting linked to promoting educational achievement for children in kinship care (non-statutory responsibility). 

Although these changes are described as technical, they sit in areas that governors and inspectors expect you to have actively reviewed and embedded.

KCSIE Checklist for School Leaders

School leaders usually do best with a ‘do this, then this’ flow that produces evidence. This checklist is written to help you create a paper trail quickly, without turning safeguarding into a bureaucratic exercise.

Start by setting a short window (e.g. a half day) where you, the DSL, your online safety lead, and a governor or trustee safeguarding link can work through the actions together.

1. Confirm you are working from the correct version
   Update links on internal systems so staff always land on the live document, not last year’s PDF. Save the current KCSIE 2025 PDF into your safeguarding folder and record the date you did it. 
2. Read Annex F as a team
   Annex F is the fastest way to identify what requires action. Build your action plan from it, not from memory. 
3. Produce a ‘KCSIE 2025 changes log’
   A one-page table is enough:

• The change area (e.g. ‘online safety content risks’)
• What you changed (e.g. ‘updated staff briefing slide and online safety policy language’)
• Who completed it and when
• Where evidence is stored

4. Audit policy alignment
   Check your child protection policy, online safety policy, behaviour policy, staff code of conduct, and low-level concerns process for alignment with KCSIE wording and expectations.
5. Refresh training content
   Even if Part One did not change, staff briefing content may need tweaks because online harms and AI now sit more clearly in the safeguarding narrative.
6. Confirm governor oversight
   Schedule a safeguarding link governor visit or trust safeguarding committee slot. Use it to review the changes log, the annual online safety risk assessment, and your filtering and monitoring review evidence.
7. Check multi-site consistency
   If you run a trust or federation, apply the same checklist to each site. Differences in filtering, monitoring, attendance practice, and alternative provision commissioning are common weak points.
8. Stress-test your reporting routes
   Ask: can staff report a concern in under five minutes? Can they find the DSL contact details instantly? Do they know the early help route?

Your goal is not perfection. Your goal is to show that you understood KCSIE 2025, acted on it, trained people and can evidence it.

What Policies Must Be Updated?

KCSIE does not provide a single ‘policy list’ because it expects a whole-setting approach. However, in practice there are core documents that nearly always need a review when KCSIE updates. The safest approach is to update policies by risk area rather than by department, because online safety and attendance cross boundaries.

Child protection and safeguarding policy

This is the anchor document. It should reference the current KCSIE version, your local safeguarding partners, how staff report concerns, and how you handle child-on-child abuse, allegations about staff, and online safety.

Online safety policy and acceptable use

Because KCSIE 2025 clarifies online content harms, your policy should now explicitly recognise misinformation, disinformation and conspiracy theories as safeguarding risks when they fuel bullying, harassment, exploitation, self-harm content or radicalisation. 

Filtering and monitoring policy or protocol

Many schools rely on an IT provider contract and a vague statement. KCSIE’s signposting pushes you towards clarity: named roles, a yearly review, and an escalation process when monitoring flags a safeguarding concern. 

Attendance policy

If your attendance policy is treated as purely administrative, KCSIE 2025 is the nudge to reframe it as safeguarding. Align the policy with the statutory Working together to improve school attendance guidance and show how you identify and act on patterns that indicate risk. 

Alternative provision commissioning and quality assurance

If you place pupils in alternative provision, you need written confirmation of safeguarding checks, accurate location records, and half-termly review evidence. KCSIE makes that expectation clearer. 

Staff behaviour policy and code of conduct

Ensure professional boundaries, reporting routes, and low-level concerns align so staff do not feel they must ‘solve it privately’.

Low-level concerns policy or procedure

Even if unchanged, revisit it so staff can explain it confidently. Auditors and inspectors often test culture by asking staff what happens if they feel uneasy about a colleague.

Data protection and information sharing protocol

Your privacy approach must not block safeguarding. Link your protocol to the government’s information sharing advice for safeguarding practitioners and the ICO’s 10 step guide to sharing information to safeguard children. 

Part One: Staff Briefing Checklist

Part One is the section most staff are expected to read. KCSIE 2025 notes that Part One had no changes, but staff briefings still need to reflect risks that KCSIE makes more explicit elsewhere. Your briefing should feel practical, not like a compliance lecture. 

A strong Part One briefing usually covers:

• The core safeguarding principles: It is everyone’s responsibility, and the child’s welfare comes first.
• The role of the DSL and deputies: Who they are, how to contact them, and what happens after a concern is raised.
• The reporting process: What to do if you are worried, including urgent concerns.
• Recording: What details matter, what not to include, and how to share promptly.
• Early help: What it is, why it matters, and what staff should look for.
• Online safety: Current harms, including misinformation, disinformation and conspiracy theories, and how these can link to bullying, radicalisation and exploitation. 
• Child-on-child abuse: Language that discourages minimising and explains why ‘banter’ can hide abuse.
• Staff conduct and low-level concerns: How the culture works and how to speak up.

A practical way to test your briefing is to ask three staff members afterwards:

• Who is the DSL today?
• How do you report a concern within five minutes?
• What would you do if an online monitoring alert suggests a pupil might be at risk?

If they cannot answer quickly, adjust the system, not the person.

Annex A vs Part One: Who Reads?

Most schools tell all staff to read Part One. Some settings use Annex A instead for staff who do not work directly with children, depending on roles and context. The important point is that your approach needs to be clear, consistent and documented.

Make it explicit in your induction checklist:

• Which groups read Part One in full (e.g. teachers, teaching assistants, pastoral staff, lunchtime supervisors, regular supply staff).
• Which groups can read Annex A (e.g. some contractors or occasional visitors, depending on your approach).
• How you confirm reading (digital form, signed declaration, staff portal completion record).
• What you do if someone has not completed it (restricted duties until completed, supervised access).

In multi-site trusts, avoid a confusing mix where one site uses Annex A for everyone and another uses Part One for everyone. Consistency helps when you evidence compliance.

Online Safety Risks: Misinformation and Conspiracies

Online safety is not only about devices. It is about what children absorb, believe and act on. KCSIE 2025 explicitly includes misinformation, disinformation (including fake news) and conspiracy theories under online safety ‘content’ risks. That wording matters because it legitimises action when online narratives fuel harm. 

In schools, misinformation and conspiracies show up in safeguarding in several ways.

Radicalisation and extremism

Conspiracy content can drive ‘us vs them’ thinking, antisemitism, misogyny, racism and recruitment into extremist spaces. When staff treat it as ‘just opinions’, they can miss escalation.

Health and self-harm

Misinformation about eating, fitness, self-harm methods and suicide can spread quickly, alongside hoaxes and harmful ‘challenges’. KCSIE signposts these risks and expects settings to treat them as safeguarding concerns when they indicate harm.

Abuse and exploitation

Children can be groomed through misinformation. Exploiters often use false claims, fake identities, and manipulated ‘proof’ to coerce children.

Bullying, harassment and coercive control

Misinformation can be weaponised between pupils: rumours, manipulated screenshots and false allegations. Even without sophisticated tools, the impact can be immediate.

Practical actions that help:

• Update your curriculum to include ‘how manipulation works’ and ‘how to check claims’, not only ‘don’t talk to strangers’.
• Teach pupils what to do if they see harmful content: report, block, tell a trusted adult, and avoid sharing.
• Make sure staff know your escalation route when online content indicates safeguarding risk.
• Engage parents with simple messaging and point them to resources such as UK Safer Internet Centre guidance.

Generative AI: Safeguarding Implications

Generative AI brings new opportunities and new safeguarding headaches. KCSIE 2025 links to DfE guidance and the DfE’s product safety expectations, signalling that schools should treat AI tools as part of the online safety landscape, not an optional extra.

Safeguarding implications to consider:

1. AI-generated sexual content and harassment

Pupils can generate sexualised images, altered images of peers, or abusive content quickly. Even if a pupil did not create the original photo, the harm to the victim is real and can link to coercion and bullying.

2. Grooming and manipulation

Generative tools can create convincing messages, fake profiles and targeted persuasion. Pupils may also use AI to imitate adults or peers, which can drive harassment or blackmail.

3. Misinformation and confidence bias

AI can produce fluent but incorrect answers. Pupils may accept it as authoritative, including about health, relationships, consent or extremist narratives. Staff can also fall into the trap of using AI for drafting without checking accuracy.

4. Data protection and confidentiality

If staff paste personal data or safeguarding details into an AI tool, they may breach confidentiality. Clear rules matter.

5. Filtering and monitoring gaps

AI tools can generate dynamic content that traditional web filtering may not catch. KCSIE signposting makes it harder to ignore this gap.

Practical next steps:

• Create a short AI use policy for staff and pupils covering safety, privacy, academic integrity, and reporting harmful use.
• Add AI scenarios to safeguarding training (simple, realistic examples).
• Review network and device controls with your IT provider and align your approach with Generative AI: product safety expectations. (qna.files.parliament.uk)

Filtering and Monitoring Review Checklist

KCSIE 2025 reinforces that governing bodies and proprietors should ensure appropriate filtering and monitoring systems are in place. It points leaders to the DfE filtering and monitoring standards and the self-assessment service. It also states that schools should review filtering and monitoring provision at least annually. 

Use this review checklist to produce evidence that stands up in audits.

Roles and accountability

• Name a senior lead who can explain how filtering and monitoring works in your setting.
• Confirm the DSL understands monitoring reports and escalation routes.
• Record who manages technical settings and who approves changes.

Risk assessment and pupil profile

• Review cohort risks (age range, SEND vulnerabilities, patterns of online harm).
• Consider out-of-hours access if pupils use school devices at home.
• Link decisions to your wider safeguarding risk assessment.

System effectiveness in practice

• Test filtering on real searches and sites relevant to current risks.
• Check that monitoring alerts trigger when they should and do not overwhelm staff with noise.
• Confirm staff know what to do when an alert indicates safeguarding risk.

Coverage and gaps

• Confirm coverage for on-site devices, remote learning, and any BYOD approach.
• Review mobile phone access, because many harms happen via 4G/5G, not the school network.
• Check how your system handles AI tools and dynamic content.

Over-blocking and curriculum impact

• Test whether filtering blocks legitimate safeguarding education content.
• Agree a rapid process to unblock when teachers need resources.

Documentation and evidence

• Save the annual review record, actions and provider communications.
• Keep a short ‘what we changed and why’ note.
• If you use the DfE tool, save the output or action summary from Plan technology for your school. 

If you want a governance lens, use Online safety in schools and colleges: questions from the governing board. 

Attendance Guidance: Safeguarding Links

KCSIE 2025 clarifies that the DfE attendance guidance is statutory. This is more than a paperwork update. It reinforces the safeguarding reality that absence, persistent absence and severe absence often sit alongside risk factors like neglect, domestic abuse, exploitation, mental ill health, caring responsibilities, and hidden harm. 

This is where many schools slip into a false split: safeguarding sits with the DSL, while attendance sits with the attendance officer. In reality, the data and actions need to connect.

Safeguarding-focused attendance practice includes:

• Rapid first-day response for unexplained absence, with curiosity not accusation.
• Pattern spotting for ‘soft signals’ such as repeated Monday absences, absences after weekends with known family stress, and sudden dips after a disclosure.
• Clear escalation when a child’s whereabouts are unknown during school hours.
• Joined-up work with early help, social care and the virtual school head where relevant.

Practical actions:

• Review your attendance policy against Working together to improve school attendance.
• Build an ‘attendance and safeguarding’ meeting agenda that includes the DSL, attendance lead and pastoral lead.
• Audit a small sample of persistent absence cases to confirm you considered safeguarding and early help routes.

Alternative Provision: Oversight and Expectations

KCSIE 2025 reinforces a core principle: when a school places a pupil with an alternative provision provider, the commissioning school remains responsible for safeguarding. That responsibility is not symbolic. It requires active oversight and clear records. 

Key expectations to embed:

Written confirmation of checks

Schools should obtain written information that appropriate safeguarding checks have been carried out on individuals working at the alternative provider. 

Knowing where pupils are

KCSIE states that schools should always know where a child is based during school hours. 

Regular reviews

The guidance sets an expectation that reviews should be frequent enough, at least half-termly, to provide assurance that the child attends and the placement remains safe and meets needs. 

Practical actions:

• Create an alternative provision due diligence pack: provider address, named safeguarding lead, evidence of checks, reporting route for incidents, and emergency contact procedures.
• Build a review schedule and keep brief minutes with clear actions.
• Standardise the pack and review cadence across a trust.

Useful external references include the DfE Alternative provision statutory guidance and the DfE guide on arranging alternative provision.

Early Help: What KCSIE Now Emphasises

Even when Part One stays the same, KCSIE sits within a wider safeguarding framework where early help is central. Schools often say “we do early help”, but they struggle to show how they identify need early, coordinate support and escalate appropriately. The statutory Working together to safeguard children guidance places strong weight on early help and multi-agency working, and KCSIE expects schools and colleges to operate confidently within that wider system. 

In practice, early help is not a single service. It is a way of acting early when families face barriers that could escalate into harm. In schools, early help usually involves:

• Early identification: Staff notice changes in behaviour, attendance, mood, hygiene or peer relationships.
• Early conversation: A staff member has a supportive conversation with the child and, where safe, with parents or carers.
• Joined-up support: The school links with local early help routes, mental health support, SEND teams, youth services or domestic abuse support.
• Review and escalation: If risk increases, the DSL escalates to children’s social care or police as appropriate.

Practical actions:

• Map your local early help routes and put them in your DSL handbook and staff safeguarding guide.
• Add early help indicators and threshold reminders to annual training.
• Audit a handful of early help cases for decision-making, consent where appropriate, and the child’s voice.
• Connect early help practice to attendance work, so persistent absence triggers support rather than only sanctions.

Virtual School Heads and Kinship Care

KCSIE 2025 clarifies the role of the virtual school head (VSH) in relation to children in kinship care, noting the extension of responsibility to promoting educational achievement for this group. 

This matters because children in kinship care can be less visible in school systems, yet may carry significant trauma, disrupted attachments, and practical barriers to attendance and learning. Schools do not need to become experts in legal orders. They do need to identify pupils in kinship care, understand likely vulnerabilities, and know how to work with the local authority VSH offer.

Practical actions:

• Review admissions and pupil information forms: do they capture kinship care arrangements sensitively?
• Check that the DSL and SENCo know who the local authority VSH is and how to access support.
• Add kinship care visibility into your ‘children potentially at greater risk of harm’ thinking.

A helpful starting point is the DfE guidance on promoting the education of children with a social worker and children in kinship care arrangements. 

Record Keeping and Information Sharing

Safeguarding records are not paperwork for their own sake. They tell the story of what you saw, what you did, and why. In serious cases, record quality can be the difference between “we acted early” and “we missed the pattern”.

KCSIE sits alongside government advice on information sharing and the wider statutory safeguarding framework. Information sharing guidance stresses that data protection should not be used as a reason to avoid sharing information where a child is at risk.

Practical record keeping standards to aim for:

• Consistency: Use a single system or agreed structure so patterns are visible.
• Timeliness: Record concerns the same day, especially where risk is escalating.
• Clarity: Describe what you observed and what the child said, using the child’s words where possible.
• Decision-making: Record why you chose early help, referral or monitoring, and who you consulted.
• Chronology: Keep a running timeline so staff can see escalation quickly.
• Transfer: Transfer safeguarding files securely and promptly when a pupil moves school.

Information sharing dos:

• Share when it is necessary to safeguard a child. If you wait for perfect certainty, you often wait too long.
• Share proportionately, with the right people, and record what you shared and why.
• Use the ICO’s 10 step guide to sharing information to safeguard children to help staff feel confident about lawful sharing. 

Information sharing don’ts:

• Do not promise absolute confidentiality to a child if sharing is needed to keep them safe.
• Do not use GDPR as a blanket reason to avoid action.
• Do not share widely ‘just in case’. Purpose and proportionality still matter.

Governor Safeguarding Compliance Checklist

Governors and trustees do not need to run safeguarding. They need to assure themselves that safeguarding is effective, well-led, properly resourced, and embedded in culture. KCSIE expects governing bodies and proprietors to take leadership responsibility, and Ofsted frameworks evaluate safeguarding effectiveness within leadership and management. 

Use this checklist as a practical agenda for a safeguarding link visit or committee meeting:

Compliance and assurance

• We have the current KCSIE 2025 and can show when we reviewed changes.
• We maintain a KCSIE changes log with actions and evidence.
• We have a current child protection policy, online safety policy, and staff code of conduct aligned to KCSIE.

Training and culture

• All staff completed annual safeguarding training and received updates.
• Staff can explain how to report concerns and who the DSL is.
• The low-level concerns process is understood and used.
• Induction and training records are complete for volunteers, supply staff and contractors.

Online safety governance

• We completed an annual online safety risk assessment.
• We completed an annual filtering and monitoring review and can evidence outcomes.
• Leaders and DSLs can explain how monitoring alerts work and how safeguarding concerns escalate.
• Curriculum plans include online safety education that reflects current harms, including misinformation and conspiracy content. 
• We use challenge tools such as Online safety in schools and colleges: questions from the governing board. 

Attendance as safeguarding

• We review persistent and severe absence data as a safeguarding indicator.
• We can show examples where attendance concerns triggered early help or safeguarding action.
• We align with the statutory Working together to improve school attendance guidance. 

Alternative provision oversight

• We can evidence due diligence for alternative provision providers.
• We know where pupils are during school hours and can evidence review cycles.
• We have termination or mitigation plans if safeguarding concerns arise. 

Resourcing and capacity

• The DSL has enough time and resources.
• Deputy DSL arrangements provide reliable cover.
• Staff supervision and wellbeing are considered, especially after serious incidents.

Inspection readiness (without panic)

• Leaders can explain how safeguarding works in daily practice.
• Records show timely action and multi-agency working.
• Policies match what staff actually do.

If your board wants extra context, refer to Ofsted’s Education inspection framework and Ofsted’s blog on how safeguarding is inspected. 

Conclusion

KCSIE 2025 may be described as technical, but it still creates concrete tasks for schools and colleges. The most important thing you can do is turn the update into a short, evidenced action plan that covers online safety language (including misinformation and conspiracy content), filtering and monitoring review, generative AI implications, attendance as safeguarding, alternative provision oversight, and the clarified role of virtual school heads in relation to kinship care.

If you do one thing this week, make it this: read Annex F as a team and build a single-page changes log with clear evidence. That small discipline reduces risk, strengthens culture, and makes inspections and audits feel much less like a guessing game.