Keeping Children Safe in Education is statutory, it is updated almost every year, and the September 2025 edition is the one in force now. Most of the attention goes to what teachers must read in Part 1. Less attention goes to the quieter requirement that decides how defensible a school actually is: the Designated Safeguarding Lead must keep detailed, accurate and secure written records of every concern, every discussion, and every decision, including the reasoning behind decisions not to refer. This guide sets out exactly what KCSIE expects of those records, what changed in 2025, how the main safeguarding platforms compare, and why the real weakness in most schools is not the safeguarding system itself but the wall between it and everything else the school knows about the same child.
Speak to us about your school system · +44 7494 618 651 · Mon to Fri, 9am to 6pm
Keeping Children Safe in Education does not name a product and does not require software at all. What it requires is an outcome. Annex C, which sets out the role of the Designated Safeguarding Lead, expects the DSL to be equipped to keep detailed, accurate and secure written records of all concerns, discussions and decisions, including the rationale for those decisions. That phrase carries more weight than it looks. It means the record has to capture not only what happened but why a given course of action was taken, and crucially it includes instances where a referral was considered and not made. A decision not to escalate is itself a safeguarding decision, and it has to be recorded with its reasoning.
From the statutory wording, a compliant record has a consistent shape:
The reason for the chronology is early help. A single low-level concern means little; the same low-level concern appearing for the fourth time, alongside lateness and a change in behaviour, is a pattern. The records exist so that patterns surface before a situation escalates, which is also why the ability to see a child's full picture in one place matters so much.
The September 2025 edition kept the record-keeping expectations and added several things that bear directly on the systems a school runs:
KCSIE is consulted on and reissued regularly, and a 2026 edition is in draft consultation at the time of writing, so a school's safeguarding system needs to absorb annual change rather than be built for one fixed version of the rules.
Because a standard MIS does not give the DSL the restricted, structured, pattern-aware case management KCSIE expects, most schools run a dedicated platform alongside it. Two dominate the UK market.
Best for: Schools and trusts wanting highly configurable categories and a wide module set covering pupils, staff and visitors.
CPOMS is used across a very large number of settings in the UK and beyond. Its strength is configurability: a school decides what categories of concern it wants to monitor, and the system flags, links and reports against them. Beyond pupil welfare records (StudentSafe), it offers modules for staff concerns and allegations (StaffSafe) and visitor management, which keeps related strands of safeguarding inside one platform. Other school systems can escalate flagged incidents straight into it.
Best for: Schools wanting structured case management and anonymous reporting, within the Tes ecosystem.
MyConcern, part of Tes, is an award-winning safeguarding platform built around reporting, recording and monitoring concerns. It is known for clear case management and for supporting anonymous reporting, which lowers the barrier for staff and pupils raising something they are unsure about. Like CPOMS, its central value is bringing concerns into one place so trends become visible early.
Among the further options are Senso's Safeguard, youHQ for wellbeing-led safeguarding, and modules attached to wider welfare platforms. The market is healthy and the leading products all meet the core record-keeping expectations. The differences are in interface, category configuration, anonymous reporting, and the wider ecosystem each sits in, which is why a short trial with your own DSL matters more than a feature list.
Here is the part the product comparisons skip. The dedicated platforms are good at what they do. The problem is what surrounds them.
Attendance lives in the MIS. Behaviour lives in the MIS, or in a separate behaviour tool. Safeguarding lives in CPOMS or MyConcern. Special educational needs data sits in the SEN register. Each holds a genuine piece of the same child, and the pieces do not connect without someone connecting them. When a pastoral leader suspects that a pupil's deteriorating behaviour is linked to falling attendance and an open safeguarding concern, they open three systems, pull from each, and build the timeline by hand. The information needed to act early exists; it is the joining that is manual, and manual joining is exactly what gets missed when staff are stretched.
| Approach | Record-keeping | Connected to MIS data? | Audit trail | Ownership |
|---|---|---|---|---|
| CPOMS | Full, highly configurable | Via integration only | Within the platform | Subscription |
| MyConcern | Full, structured case management | Via integration only | Within the platform | Subscription |
| MIS safeguarding add-on | Variable, often basic | Within that MIS | Within the MIS | Subscription |
| Bespoke (ESRE) | Full, built to KCSIE | Same architecture as attendance, behaviour, SEN | Automatic across the whole system | Owned outright |
A bespoke system from ESRE starts somewhere a dedicated platform cannot. It is built on the engage.re graph, where a pupil, an attendance mark, a behaviour note and a safeguarding concern are all data on one architecture rather than records trapped in separate products. The safeguarding module is not a platform bolted on by an integration; it is part of the same system. The DSL still gets a restricted case history only they and their deputies can read, but that history sits alongside everything else the school knows about the child, so the pattern that takes three logins to assemble elsewhere is simply visible.
The audit trail is where the architecture changes the game. Every action across the whole system is recorded automatically in an immutable log: every entry, every message to a parent about a concern, every staff access to a record, every referral, each carrying an author and a system-set timestamp. The DSL never has to remember to record in a separate application, and the school never has to compile an evidence trail when an inspector asks, because the trail already exists as a property of how the system works. The version we are now implementing signs and hash-chains every event, so a record cannot be altered after the fact without the chain breaking. KCSIE record-keeping stops being a discipline staff must maintain and becomes something the system guarantees.
Two things follow that no safeguarding product offers. First, the system shows whether your safeguarding actually changes outcomes: because every change to a child's data is measured, a school can see whether the early-help intervention moved attendance, behaviour and engagement, not merely that a concern was logged. Second, the school owns the system and keeps shaping it. When KCSIE is updated, a new category, a new report or a new workflow is added as data in days, and the school can make the change itself: every build comes with documentation precise enough for an AI to follow, so the work happens in-house rather than waiting for a vendor's next release. The school owns the code outright, on secure UK servers it controls, with no per-pupil renewal. The full picture is on the School Management Software hub.
Whatever system a school runs, the evidence an inspector tends to probe is consistent:
No. KCSIE requires the outcome: the DSL must keep detailed, accurate and secure written records of all concerns, discussions and decisions, including the rationale and whether or not a referral was made. Most schools meet this with a dedicated platform because standard MIS products lack adequate DSL record-keeping, but the duty is about the records, not the tool.
Both are established case-management platforms that meet KCSIE record-keeping expectations. CPOMS is known for highly configurable categories and modules for pupils, staff and visitors. MyConcern, part of Tes, is known for structured case management and anonymous reporting. The practical differences are interface, configuration and ecosystem, so trial both with your own DSL.
On its own it is not; dedicated platforms do the job well. The friction is that safeguarding then sits apart from attendance, behaviour and pupil data, so connecting the signals that matter most for early help becomes a manual job across several systems.
Yes, in a bespoke system. A safeguarding module on the same architecture as attendance, behaviour and pupil records gives the DSL a permissioned, timestamped case history alongside the rest of the child's record, with an audit trail logged automatically rather than compiled later. See the school management software hub.
Speak to us about your school system · +44 7494 618 651 · Mon to Fri, 9am to 6pm