Digital Continuity in ICT Services Procurement and Contract Management

This guidance relates to:
Stage 1: Plan for action
Stage 2: Define your digital continuity requirements
Stage 3: Assess and manage risks to digital continuity
Stage 4: Maintain digital continuity

This guidance is produced by the Digital Continuity Project and is available from www.nationalarchives.gov.uk/dc-guidance

The National Archives
Digital Continuity in ICT Procurement and Contracts
Version: 1.0

© Crown copyright 2011

You may re-use this document (not including logos) free of charge in any format or medium, under the terms of the Open Government Licence. To view this licence, visit http://www.nationalarchives.gov.uk/doc/open-government-licence/open-government-licence.htm; or write to the Information Policy Team, The National Archives, Kew, Richmond, Surrey, TW9 4DU; or email: psi@nationalarchives.gsi.gov.uk.

Any enquiries regarding the content of this document should be sent to digitalcontinuity@nationalarchives.gsi.gov.uk

CONTENTS

1. Introduction
   1.1 What is the purpose of this guidance?
   1.2 Who is this guidance for?
2. Why consider digital continuity during ICT procurement?
   2.1 Establish digital continuity as a strategic business requirement
   2.2 Define usability requirements for information
   2.3 Ensure requirements reflect the information lifecycle
   2.4 Reflect digital continuity in planning for end of contracts
   2.5 Ensure your suppliers understand digital continuity
   2.6 Test for continuity after changes in technology and service provision
   2.7 Manage change within contracts using an IAR
3. Why do you need an Information Asset Register in ICT services procurement?
   3.1 What is the role of an IAR in procurement?
   3.2 What are the benefits of using an IAR?
   3.3 Who creates the IAR and who maintains it?
4. Using the IAR in ICT services procurement
   4.1 Issue identification – solving problems before they start
   4.2 Continuity through change
   4.3 The IAR with the Service Description
5. Using the IAR in an existing ICT services contract
   5.1 Changing the IAR
   5.2 Detailing responsibilities
6. Further reading
Appendix: selected glossary
1. Introduction

Digital continuity is the ability to use your information in the way that you need, for as long as you need. If you do not actively work to ensure digital continuity, your information can easily become unusable.

Understanding and maintaining the digital continuity of your information requires particular care and attention when working with external suppliers, to ensure that changes are not introduced during the procurement and contracting process that will have an impact on the usability of your information.

Including the Information Asset Register (IAR) in an ICT services contract helps to ensure that the contracting authority continues to have appropriate access to, and usability from, its information assets for the duration of the services contract.

As well as maintaining digital continuity, the benefits for both the contractor and the contracting authority in using an IAR in ICT services procurement and contract management include solving problems before they occur and identifying opportunities for cost savings. It also supports an organisation in working transparently, legally and accountably.

1.1 What is the purpose of this guidance?

This guidance provides you with practical information and support to help you maintain the digital continuity of your information when updating ICT services contracts or creating new ones, as well as highlighting the impacts that IARs have on an organisation’s ability to perform.

This guidance will enable you to answer the following questions:
• What are the key principles for managing digital continuity through ICT services procurement?
• What is an ICT Services Information Asset Register (IAR)?
• What are the benefits and outcomes from using an IAR in ICT Services procurement and contracts?
• How should you use the IAR in an ICT services procurement or an existing contract?
The latest version (2.3) of the ICT Services model Agreement [1] includes a provision for managing a register of information assets. This guidance will assist contracting organisations in developing and implementing an IAR within their contractual relationships.

This guidance forms part of a suite of practical guidance [2] that The National Archives has delivered as part of a digital continuity service for government, in consultation with central government departments. We strongly advise that you read Identifying Information Assets and Business Requirements [3] before reading this guidance.

1.2 Who is this guidance for?

This guidance is primarily aimed at procurement and IT professionals involved with negotiating and managing contracts with suppliers. It may also be useful as a reference for any staff involved with managing IARs.

[1] See www.ogc.gov.uk/policy_and_standards_framework_model_ict_contract.asp for the latest version of the ICT Model Contract. The specific provision is paragraph 11.13.2 in Schedule 2.1.
[2] See our digital continuity guidance nationalarchives.gov.uk/digitalcontinuity
[3] See Identifying Information Assets and Business Requirements nationalarchives.gov.uk/documents/information-management/identify-information-assets.pdf

2. Why consider digital continuity during ICT procurement?

Managing digital continuity requires putting in place processes and technical strategies that can ensure information remains usable by the business for its full lifecycle. Digital continuity is put at risk by change, including changes to the IT environment, supporting contracts, business process and organisational function and structure.

Procuring new ICT services often introduces new technology or solutions, and may also signify wider changes in the organisation.
As such, it is critical that digital continuity is considered in the procurement and contracting process, to ensure that this does not introduce changes that impact on the usability of the information. This will also ensure the effective management of further changes within, and at the end of, the contract period.

It is important to ensure that your information remains usable and that you protect its digital continuity during changes in service providers. The key principles for managing digital continuity during ICT procurement that you should adhere to are as follows:

2.1 Establish digital continuity as a strategic business requirement

Digital continuity is a long-term business aim of strategic importance, as it ensures the ongoing ability of the organisation to deliver services, operate effectively and remain accountable, transparent and legally compliant. However, digital continuity might not be considered in the shorter-term requirements for individual procurement projects focused on immediate needs during the contract duration.

Establishing digital continuity as an overarching strategic business requirement that needs to be factored into all procurement will help to ensure that the long-term needs of the organisation are appropriately prioritised and recognised during procurement projects.

2.2 Define usability requirements for information

Digital continuity is the ability to use your information in the way that you need, when you need. To ensure digital continuity, you need to clearly define how you need to use your information and ensure that this usability requirement is reflected in your procurement process.
Your usability requirements should include consideration of how the business may need to find, open, work with, understand and trust the information now and in the future, informed by the lifecycle of the information and wider strategic needs of the organisation [4].

Your usability requirements will vary across your information assets and lines of business, depending on what you need to do with the information, for how long, and its value. Your usability requirements may go beyond the simple ability to open and edit documents: for example, you may depend on particular contextual metadata to understand information, or on related audit and logging data to use the information as evidence.

Usability requirements can play an important role in ensuring that your suppliers contribute to maintaining digital continuity. The usability requirements for each information asset can be included in an Information Asset Register, documenting the organisation’s needs in a way that both incumbent suppliers and incoming bidders can easily understand. An output-based service requirement can then be expressed to preserve the usability of the information and services relevant to the contract, referencing the detail documented in the IAR.

2.3 Ensure requirements reflect the information lifecycle

It is critical that any requirements developed for ICT service procurement consider not just immediate business need, but also the wider and longer-term information usability requirements of the organisation. This is especially important if it is likely that the information lifecycle will be longer than the duration of the contract and the technology that is being provided. The information lifecycle and retention period need to be made explicit and included in the usability requirements.
2.4 Reflect digital continuity in planning for end of contracts

The likelihood that information will be used by the business for longer than any given contract period means that particular attention needs to be paid to end of contracts and provision for the safe handover of information in usable forms, either to the contracting authority or another provider.

[4] For more information on defining information assets and their usability requirements and documenting this in an IAR see Identifying Information Assets and Business Requirements nationalarchives.gov.uk/documents/information-management/identify-information-assets.pdf

You should ensure that the procurement and contracting process considers not only how the ICT service will be implemented, but also how it will be decommissioned or handed over at the end of the contract, clearly outlining supplier and contracting authority responsibilities and expectations.

Easy contractual transfer between service providers will be significantly restricted if the information isn’t held in a usable form that can be seamlessly transferred to another provider. A significant factor in the specification and selection of systems and services should be the conformance with open standards [5] and the ease of import and export of information in a way that retains the usability the business needs at the end of the technology or contract life.

2.5 Ensure your suppliers understand digital continuity

It is critical that your suppliers understand digital continuity, the business requirements that you need from your information, and are committed to managing it – not just contractually, but through a thorough understanding of what information they are responsible for, what the business needs, and how they will provide assurance that the information remains usable throughout the management of their services.
It can be helpful for suppliers to understand the wider context in which they are delivering their services, either as part of the contracting process or the ongoing relationship post-contract. If they know that the digital continuity of your information is a long-term, strategic business objective, this will make it easier for them to ensure that their services meet your needs and will enable more meaningful and consistent dialogue and a strengthened relationship between you during the lifespan of the contract.

Consider asking your supplier to nominate a ‘supply side’ Information Manager who can understand the client side IM issues and become an interface to their technical and contractual colleagues.

[5] For more information see the Cabinet Office Procurement Policy Note – Use of Open Standards when specifying ICT requirements Action Note 3/11 31 January 2011 www.cabinetoffice.gov.uk/sites/default/files/resources/PPN%203_11%20Open%20Standards.pdf

2.6 Test for continuity after changes in technology and service provision

You should plan for appropriate testing of your information for digital continuity after changes in technology and service provision to verify that the information is still usable. Ensure that requirements and responsibilities for this testing are reflected in your contracts. This will flag any problems early and provide ongoing assurance that you are effectively managing your digital continuity [6].

If the change is within a contract period, you need to identify who should be responsible for testing the usability of information after any changes assessed as potentially impacting on digital continuity. For example, the contractor could be responsible for testing, but with a mechanism agreed for the contracting authority to validate and assure the results.
At the start of a new contract, you could require the contractor to test for the continuity of the information covered by their service and obligate them to ensure its continuity throughout the contract term. However, it may be more cost-effective for you to test the continuity of the information, assuring that it is in a usable state, prior to commencement of a new contract. In this case it is likely that the contractor will be relieved of any usability obligations pre-dating the contract start.

2.7 Manage change within contracts using an IAR

Managing digital continuity within a contract term is also important, especially over long-term contracts, e.g. outsourcing of IT services for several years, where at least one technology refresh is expected. It is vital that both the contracting authority and contracted service provider clarify roles and responsibilities for managing aspects of digital continuity.

A key responsibility is to assess the impact on digital continuity arising from changes during the contract. This obviously includes technology change, but may also include changes to how information is structured and organised, changes to policies and procedures, or changes to governance and management by either party.

[6] For more advice on how to test for digital continuity, see Testing for Continuity Checklist nationalarchives.gov.uk/documents/information-management/testing-for-continuity-checklist.pdf

Example of managing change within a contract

The service provider plans a technical refresh, which includes an operating system upgrade. This means that some niche applications and their associated data will no longer be supported by their vendors.
The service provider contractor should be responsible for identifying such digital continuity issues arising from the technical change, communicating and explaining them to the Authority and agreeing appropriate mitigations with the Authority prior to the upgrade.

An IAR (see section 3) can be particularly helpful in ensuring that your supplier understands what information they are responsible for and your usability requirements, and in helping to ensure that the impact of changes within the contract period on the digital continuity of the information can be effectively assessed.

Use of an IAR in procurement is one key way that you can help to assure digital continuity both during the contract period and, most importantly, across multiple contracts for the life of the information. The rest of this guidance focuses on how you can use an IAR as a tool in your ICT service procurement, to help assure that digital continuity is retained through changes to technology and service provision.

3. Why do you need an Information Asset Register in ICT services procurement?

An information asset is a body of information, defined and managed as a single unit so it can be understood, shared, protected and exploited effectively. Information assets have recognisable and manageable value, risk, content and lifecycles.

An Information Asset Register (IAR) describes the information an organisation holds, what use is required from it and technical information, such as file format. When used in ICT services and contracts, the IAR refers to the specific assets which relate to the service and are held by the service provider. [7]

Establishing an IAR enables all parties to maintain a shared understanding of the information, and its required business use, clarifying responsibilities and allowing better management of change.
In other words, the IAR helps to ensure that you continue to have appropriate access to, and usability from, your information assets for the duration of the contract, as well as post contract.

Used in conjunction with an Output Based Specification (OBS), an IAR can be used to ensure that contractors understand and support the usability required from your information. It is intended to protect both the Authority and the Contractor by forming part of a clear scope of works and defining responsibilities.

3.1 What is the role of an IAR in procurement?

The IAR is prepared by the Authority and defines and describes the information assets and their usability requirements, in the way that is relevant to the organisation in the context of their long-term digital continuity needs.

[7] Further information about the use of Information Asset Registers, including an IAR template, is available as part of digital continuity stage 2 guidance. See nationalarchives.gov.uk/information-management/projects-and-work/digital-continuity-stage-2.htm

The relevant sections of the IAR are provided to the bidders as part of the bidding process. The IAR sits outside the contract, but is referenced by it, and the contractor has an obligation to maintain the register and return it at the end of the term.

An output-based service requirement should include the need to preserve the usability of information relevant to services covered by the contract, with the IAR providing the detail of what usability means. The risk of maintaining this usability for the duration of the contract then lies with the contractor.

There is therefore an obligation on the contractor (using the IAR) to identify any circumstances where a proposed change to the solution/contract could negatively impact the usability of the information.
Once such situations are identified, it is for the Authority to decide on how to proceed to mitigate the potential impact, in consultation with the contractor.

Note: The IAR described in this guidance is one required to facilitate procurement and to manage change in an ICT Services contract. It may form a sub-set of a more comprehensive organisation-wide IAR which your organisation holds (beyond the contractual context, the Authority may want to maintain additional information, for instance on other information assets, information value, disposal schedules etc). [8]

You should consult your information management team, or Senior Information Risk Owner, and wherever possible work with the resources and records they already have available to build your IAR. It is vital that if there are multiple IARs in an organisation they are all consistent. This way, the resource impact of including and maintaining an IAR in your procurement will also be minimised.

3.2 What are the benefits of using an IAR?
Using the IAR during procurement and management of ICT Services can help you to:
• form part of an OBS, showing what information assets a contractor will be expected to support and in what way, ensuring clarity and understanding between both parties
• design a service that fully meets usability requirements for information and takes into account any legacy technology issues
• identify potential digital continuity issues, and agree on issue resolutions during solution design phase rather than relying on more expensive and risky post-contract change control
• identify and eliminate redundant data, leading to cost and process savings
• identify redundant licensing, leading to cost savings
• identify alternative file format options which could affect software selection
• reduce the risk of digital continuity issues being introduced inadvertently by change through the life of the agreement.

[8] See more on information assets and IARs in Identifying Information Assets and Business Requirements nationalarchives.gov.uk/documents/information-management/identify-information-assets.pdf

3.3 Who creates the IAR and who maintains it?

The contracting authority should create the IAR prior to procurement and update or refine it during the contract negotiations. Once the ICT Services Contract is in place, and if the IAR guidance in the model contract is implemented, the IAR is then referenced from, but not included in, the contract, and will be maintained by the contractor.

The ongoing maintenance of the IAR will need to be supported by staff within your organisation; the aim is to ensure business requirements are always documented as they change over time. It is your organisation’s responsibility to make sure that the contractor is kept informed of any changes to the data within the IAR to enable them to update the document.
For short-term contracts technical change may not take place at all. For both long- and short-term contracts it is important that the IAR is up to date at time of contract completion, which is a significant point of change and therefore risk to digital continuity.

The IAR is referenced from the contract by:
• including it as one of the registers that the contractor is obliged to maintain
• specifying which information assets support and relate to each of the services within the Service Description.

Our guidance Identifying Information Assets and Business Requirements will help you to:
• understand and identify information assets
• identify how you need to use your information
• document the relationships between business requirements and information assets.

4. Using the IAR in ICT services procurement

The role of an IAR during ICT services procurement is to clearly define the information assets that the contractor will be expected to manage and return to the organisation as part of its service. As stated, this includes meeting your usability requirements, which in turn requires an understanding of your business needs.

An IAR can be used to help to create part of the Output-Based Specification (OBS), or be referenced by it. It will help provide an understanding of the data/information the contractor will receive and will form part of the handover on completion of the project.

This detailed understanding will enable bidding suppliers to actively ensure that potential issues are identified, issue resolutions are agreed and that the overall proposed solution is appropriate and proportionate to the contracting authority’s needs.

4.1 Issue identification – solving problems before they start

The IAR will clearly identify all of the pre-existing information assets for which the new service provider will take responsibility.
It needs to record the following information about the information assets:
• how they need to be used by the organisation
• whether any of the assets are required in an ongoing capacity for another part of the organisation
• what must be provided to the contracting authority on completion of the project.

This will enable a dialogue with bidding contractors to identify any existing or potential digital continuity issues in addition to other potential problems. During negotiation, solutions to any issues can be agreed pre-contract, avoiding the potential for unforeseen and possibly costly change mid-term.

4.2 Continuity through change

It is important to consider the long-term management of your digital information. In addition to the business benefits listed above, the use of an IAR is intrinsically linked with managing digital continuity, and will enable you to continue to use your information in the way you need, for as long as you need. Having a good understanding of the information a business holds and its usability requirements, and recording this information in an IAR, will help you to identify information that should be preserved, as well as that which is no longer needed.

The continuity of your digital information is most at risk during periods of change and you need to make sure you understand what information you have, and how to manage it through the transition. This change includes contract completion, when there may be staff and operational changes, but most importantly a high likelihood of technical change, with information transferred from one technology solution to another and changing contractual obligations.

The IAR in the ICT services contract acts as a checklist of items to be assessed at times of change, such as beginnings and ends of contracts, to prevent digital continuity loss.
The contractor needs to understand the consequences of technical environment or business change in relation to the information assets (either through an operational change procedure or a contract change procedure) and to make the authority aware of these consequences. The organisation and the supplier will have to work closely to ensure this takes place.

4.3 The IAR with the Service Description

An IAR with a Service Description can be used to ensure that digital information has been appropriately looked after and is in a state where it is usable, i.e. it can be found, opened, worked with, understood and trusted. This need to preserve usability, as defined in the IAR, can form part of the OBS.

The creation of the IAR and its association with the Services Description creates a clear baseline requirement, e.g. for end of project handover, which not only allows for the design of an appropriate system but also provides a valuable reference point against which future change can be assessed.

Example:

An organisation contracting for a new information management service specifies that “certain regulatory requirements must be complied with, meaning that the organisation must be able to find quickly and produce specific information assets (IAR references IAR12 and IAR22) and demonstrate the integrity of the content (proving that it has not been altered)”.

The contractor can then determine the most appropriate and cost-effective technical solution, and knows exactly what information assets this applies to and the usability it needs to maintain.

When a change in technology is proposed during the contract period, the Contractor and Authority can easily identify what information assets might be affected by the change, and assess the impact on their usability.

5. Using the IAR in an existing ICT services contract

5.1 Changing the IAR

It will almost certainly be necessary, as time goes on, for the content of an IAR to change. It is important to note that the contract does not contain the detail of the file types, versions or systems that relate to each information asset; this will be contained in the IAR itself.

Changes to the IAR will therefore take place under the Operational Change Procedure, unless such a proposed change would require a change to the agreement. Any change in the association of information assets to service outcome, as defined in Schedule 2.1 of the ICT Service Contract, [9] would require a contract change, as is the case with any change to an OBS.

[9] Available from version 2.3 www.ogc.gov.uk/policy_and_standards_framework_model_ict_contract.asp

5.2 Detailing responsibilities

The model contract contains several clauses which detail rights or responsibilities in relation to the IAR. In summary they are as follows:
• the contractor is obliged to ensure that the IAR is maintained
• any changes to the IAR should go through the Operational Change Procedure or the Contract Change Procedure
• all changes which go through the Operational Change Procedure or the Contract Change Procedure will explicitly address the impact on the IAR
• the Authority has the right to audit the IAR for completeness and accuracy.

6. Further reading

Before including the IAR in any procurement you will need to create an IAR. The following National Archives guidance provides more information about this:

Identifying Information Assets and Business Requirements
nationalarchives.gov.uk/information-management/our-services/dc-guidance.htm

The IAR should be used while scoping works and drawing up contracts.
This will allow contractors to provide accurate cost estimation, while also ensuring that the scope of the work is clearly understood by both parties. See the latest version of the ICT Model Contract:

ICT Services Model Agreement and Guidance
www.ogc.gov.uk/policy_and_standards_framework_model_ict_contract.asp

Appendix: selected glossary

A

Asset: Any resource or capability. Assets of a service provider include anything that could contribute to the delivery of a service. Assets can be one of the following types: management, organisation, process, knowledge, people, information, applications, infrastructure, and financial capital. See information asset also.

Availability (of an information asset): Ensuring information assets can be found, opened and worked with in the way required. This extends the traditional understanding of availability as having hardware, software and systems available and working when needed, to one of full availability of the information in the way you need to use it. This means having the right processes and technology available for the way you want to work with the information.

B

Business continuity: Ensuring an organisation’s critical functions remain available over time and through change. Ensuring the digital continuity of critical business information should be one aspect of business continuity planning.

Business needs/requirements: The required purpose of an information asset. A combination of why the asset is held, what it needs to be used for, how it will be used and the value that this will bring to the organisation.

C

Completeness (of information assets): Ensuring that neither the content nor the context of an information asset is missing or degraded (either intentionally or accidentally) in any way.

Configuration Item (CI): Any individual component that is required to deliver an IT service. CIs can vary widely in size and type, though typically include IT services, IT systems, hardware, software, documentation, supporting staff and buildings.

Configuration management: The process responsible for ensuring an IT service’s performance and functionality remain consistent with the requirements and design for that system throughout its lifespan. It maintains information about Configuration Items required to deliver an IT Service, including the relationships between them.

D

Digital continuity: The ability to use your information in the way you need, for as long as you need.

Digital Continuity Framework: A catalogue of tools and services to support the management of digital continuity issues and risks, which public sector organisations can procure through Buying Solutions.

Digital continuity requirements: The completeness and availability your information assets must have in order to deliver your usability requirements.

I

Information asset: An information asset is a body of information, defined and managed as a single unit so it can be understood, shared, protected and exploited effectively. Information assets have recognisable and manageable value, risk, content and lifecycles.

Information Asset Owner (IAO): Information Asset Owner is a role assigned to a senior member of staff by the Senior Information Risk Owner to ensure specific information assets are handled and managed appropriately. This means making sure information assets are properly protected against risk and that their value to the organisation is fully recognised.

Information Asset Register (IAR): A mechanism for recording your information assets, which should be used for documenting what you know about your information assets, business needs and technical environment. In practice, it may consist of a number of separate registers documenting particular aspects of your digital information and its environment.

P

Provenance: The associated understanding of an information asset’s origins, custody and ownership, which enables the user to understand its source and integrity (i.e. the user can trust the information they have).

T

Technical environment: The systems on which information assets are stored, the hardware and software they rely on.

U

Usability requirements: The requirements for how each piece of information or information asset needs to be found, opened, worked with, understood and trusted. This includes how the information needs to be used today, and potentially in the future, and should include regulatory requirements. Your usability requirements can then be used to define the completeness and availability required to maintain continuity.

For a more detailed glossary of digital continuity terms, see: nationalarchives.gov.uk/documents/information-management/digital-continuity-glossary.pdf