-
Low
No substantive senior executive involvement. Low SRO or steering committee engagement. Defensiveness or resistance to scrutiny
Off -
-
Senior executives, the SRO and steering committee have the adequate capacity to govern the project and are highly experienced in the area. They proactively foster a culture that is open to learning and bad news
-
Senior executives, the SRO and steering committee have the capacity to govern the project and are experienced in the area. There is evidence of a culture that is open to learning and bad news.
-
Senior executives, the SRO and steering committee have some capacity and relevant capability. The culture shows limited openness to learning and bad news.
-
Senior executives, the SRO and steering committee are involved, but lack capacity and/or relevant capability. Events affecting project progress are not openly aired.
-
No substantive senior executive involvement. Low SRO or steering committee engagement. Defensiveness or resistance to scrutiny
-
-
Delivery Confidence Assessment (DCA) tolerances
-
DCA tolerances
-
High
Steering committees are empowered to make decisions. Governance roles are clearly defined. Decisions are fast and informed. The SRO takes accountability for the project and impacted business areas. Clear ownership of business and delivery team issues.
Off -
Medium high
Steering committees are empowered to make decisions. Governance roles are defined. The SRO takes accountability for the project. Generally recognised ownership of business and delivery team issues.
Off -
Medium
Steering committee decision-making occurs but is not always timely. Governance roles are broadly defined. The SRO takes accountability for the project.
Off -
Medium low
Steering committee decision-making is ineffective or not timely. Governance roles are ill- defined.
Off -
Low
Substantive issues related to role clarity. Duplication, re-prosecuting or lack of timeliness in decision-making. Lack of accountability or finger-pointing.
Off -
-
Steering committees are empowered to make decisions. Governance roles are clearly defined. Decisions are fast and informed. The SRO takes accountability for the project and impacted business areas. Clear ownership of business and delivery team issues.
-
Steering committees are empowered to make decisions. Governance roles are defined. The SRO takes accountability for the project. Generally recognised ownership of business and delivery team issues.
-
Steering committee decision-making occurs but is not always timely. Governance roles are broadly defined. The SRO takes accountability for the project.
-
Steering committee decision-making is ineffective or not timely. Governance roles are ill- defined.
-
Substantive issues related to role clarity. Duplication, re-prosecuting or lack of timeliness in decision-making. Lack of accountability or finger-pointing.
-
-
Criterion 5. Build trust in design
-
Governance effectiveness
-
Assurance research series: 01
-
Assurance research series: 01
-
When and how to apply this criterion
When to apply
Apply Criterion 5 throughout Beta to protect users’ digital rights and ensure robust security measures are in place.
As cyber threats become more prevalent and sophisticated, adhere to this criterion across the Service Design and Delivery Process
How to apply
Questions for consideration
- how are users informed about the collection, use and storage of data?
- how will you obtain informed consent from your users?
- which encryption and authentication mechanisms will provide the most robust security?
- how does the service comply with data protection legislation and policies?
- what processes are in place to prevent misinformation?
- how is the service built to be resilient against cyber threats?
- what assurances are in place to promote ethical use of data?
Connect with the digital community
Share, build or learn digital experience and skills with training and events, and collaborate with peers across government.