Identifying and recording critical data assets

Question 1

Who this guidance is for

Accepted Answer

This听guidance is mandatory for UK central government departments and arm鈥檚 length bodies (ALBs) including:

executive agencies
non-departmental public bodies听
non-ministerial departments听听

The guidance is optional for public corporations.听听

Data management is a devolved issue, so administrations in Scotland, Wales and Northern Ireland have their own approaches to data sharing governance. Local authorities do not have to take these actions either.听听

However, there are many benefits to aligning data sharing governance across the UK, 补苍诲听it鈥檚听important that administrations share good practice and learn from each other.

Question 2

What critical data assets are

Accepted Answer

A data asset is a container that holds one or more data resources. The most common resources are data sets and data services.听

A data set is an individual, structured collection of data that can be accessed in one or more representations. Data comes in numbers, text, pixels, imagery,听sound听and other multimedia 鈥� any of which might be collected into a data set.听

A data service provides听a way to access data sets 鈥� for example, through an Application Programming Interface (API) or File Transfer Protocol (FTP)

Critical data assets are the most important data assets听that an organisation has. If听that data听stopped being available, it could prevent that organisation听or another organisation who has access to that听data听from fulfilling听important functions.听

Here we refer to critical data assets听as听the most important data assets that are听shared across government.听For example, if the data from one organisation helps听another听organisation deliver a听public service or evaluate a policy.听This could be data collected听from people听to听claim a benefit which is reused for the purpose of research or the production of statistics.

We define critical data assets as:听

data provided by a government department or agency to another government department or agency, to support an essential process or purpose which is the responsibility of the receiving organisation听
data听acquired听by a government department or agency from another government department or agency, to support an essential process or purpose which is the responsibility of the acquiring organisation听

The receiving or听acquiring听organisation could include a devolved administration.听

A听critical data听asset听can include data that is either:听

publicly available 鈥� also known as 鈥榦pen data鈥櫶齖u003c/li>
restricted 鈥� it requires a data sharing agreement before it can be shared听听

Critical data assets听can cover all kinds of data, including听reference data, and be in any format.听Data included in听a听critical data asset听may not always be generated by your organisation. It can include data听purchased听or commissioned听鈥撎齠or example,听through surveys.

Question 3

Why critical data assets are important

Accepted Answer

Critical听data assets are crucial both to your organisation and other parts of the public sector.听听

At an organisation level, defining your听critical听data assets will ensure that your data assets are understood and appropriately resourced.听听

This will help you to:听

manage risk 鈥� for example, to听comply with听data protection law and security policies听
avoid duplication of effort 鈥� for example, by reducing data collection exercises听
realise the full value of your data by making it accessible and reliable听听

Critical听data assets also help the government meet its strategic听objectives听by improving:听

data quality across government听
public service delivery听
the effects of policies and programmes听

Having better data 鈥� data that is trusted, findable, accessible,听reusable听and fit for its purpose 鈥� will improve decision making throughout the public sector.

Question 4

Identify your critical data assets

Accepted Answer

Your organisation will need to engage with its directorates to听identify, assess,听agree听and collate a list of designated听critical听data assets.听听

This exercise should be led by your chief data officer, or the most senior official who听is responsible for听data across your organisation if you do not have a chief data officer.听听

They will need to select a team or individual to lead the coordination of this work, as well as get input from your:听

data owners 补苍诲听information asset owners (IAOs)听
data stewards
service owners听
analysts听
policymakers听听

If听you鈥檙e听a central government department, your team should coordinate the听critical听data assets for your ALBs.听

How to get started听听

Your team should consider which of your organisation鈥檚 data assets there is demand for, and how much other organisations rely on that data.听听

It may help to refer to your:听

data catalogues听
information asset registers听
register(s) of data sharing agreements听

You can also consider听designating听data assets that are of high potential reuse value that have not been shared yet.听

Prioritise data assets that support the delivery of听the government鈥檚 missions听and the services that your organisation delivers, including听your听Top 75 services.听听

Ownership and accountability听听

Every听critical data听asset听your team听designates听must have an information asset owner or data owner.听It鈥檚听important that a named responsible owner is always in place for听data听assets, particularly those which hold personal data.听听

This will usually be a senior听individual in your organisation. They will be听accountable for the meaning, content,听quality听and distribution of that听data asset.听听

You should consider providing a mailbox email address as the contact details for your data asset. This听can听help you handle enquiries听in a timely manner.听听

Find out more about听data ownership in government.

Identifying听your source data set听

If you听identify听a particular distribution of a data set as听a听critical data听asset, you should听designate听the source data set as听critical听data asset听as well.

Question 5

Purposes that critical data assets support

Accepted Answer

Each听critical data听asset听should fulfil one or more of the following purposes.听

1. Public service delivery听听

Data that supports听an important听service听related to the delivery or administration of:听

education,听training听and skills听
taxation听
working age,听disability听or health welfare benefits听
state pensions听
justice听
environment听
business and industry听
transport听
ownership of land and property听听

The organisation that receives the data听is responsible for听delivering the听service. The service must be public facing 补苍诲听benefit听an individual,听household听or business.听听

2. Legislative,听legal听or contractual requirement听听

Data that fulfils the听conditions听of specific legislation or a contract.听

The organisation that receives the data will use it to meet a regulatory or听other legally or contractually defined obligation.听听

3. Defence, national听security听and resilience听听

Data that supports听the delivery of a security, defence or intelligence听purpose or process.听听

The organisation that receives the data听is responsible for听delivering this听purpose or process.听听

4. Policy development and evaluation听听

Data听that鈥檚听required听for:听

forming policies听
evaluating policies听
research听听

This includes data that supports听the development or evaluation of听government policy commitments at various levels of maturity. For听example, from exploratory stages to the delivery of green or white听papers that the government intends to publish.听听

5. Official statistics听听

Data听that鈥檚听required听to produce听national statistics or deliver official听statistical products.听

You should not听designate听official听statistics听themselves听as听critical data听assets.听However, you should consider听designating听as听critical data听assets听the administrative data, surveys,听censuses听and other data sources from which official statistics are produced.听

6. Public interest听听

Data听that鈥檚听of public interest. For example,听data that is particularly valuable for promoting transparency and public accountability.听听

7. Fraud and Error听

Data that supports the听detection听of fraud and error.

Question 6

Record your critical data assets

Accepted Answer

Once your team has听identified听your organisation鈥檚听critical data assets, they must听maintain听a听record听that describes each one.听听

The Government Digital Service (GDS) is听developing solutions听that will enable government organisations to discover and share data with each other in a simple,听ethical听and secure way. This government service听will only hold information about听the听data assets (metadata), not the data itself.听

Prepare your metadata听听

Your team should听record metadata to describe each听critical data asset.听听

Examples of metadata include title,听description听and owner. There are hundreds of attributes for describing data assets.听GDS will听only听collect attributes听that cover the core information needed for each listing in its听central data听catalogue.听听

Maintaining your metadata听听

Your team should听review the听metadata听for your听critical data assets听every听12听months听to ensure it听is听accurate.听听

Data owners听are responsible for听the metadata they provide about their听critical data听assets.听There may be instances where data assets have changed and the metadata needs to be updated to reflect the changes.听

If a data owner leaves their role, they must:听

notify their team听
ensure there is a person ready to take on their role, and provide the name of this person so that metadata can be updated听

Where to听get support听听

The Data Frameworks and Standards听and Data Management听Teams听within GDS听are听available to听provide听support听and help you听underst补苍诲听and implement this guidance.听

Contact the team at: GDSDataManagement@dsit.gov.uk.

扒哥吃瓜