Standard

Digital and Data - Continuous improvement assessment framework (HTML)

Updated 15 July 2024

Version 1.1 of the Digital and Data Continuous improvement assessment framework replaces version 1.0. Minor update to clarify. In order to be good, better or best, an organisation would need to meet all the criteria for that level across the framework. Published alongside a new scoring tool.

1. Purpose and scope of this assessment framework

1.1 Purpose of this assessment framework

This assessment framework is designed to help drive continuous improvement within and across government, by helping government organisations self-assess their adherence to, and practical application of the Digital Functional Standard [2].

This assessment framework draws on, but does not replace, the Digital Functional Standard [2], of which it should be read in conjunction with. This assessment framework is designed for people undertaking assessments of their organisations and for people taking organisational improvement actions as a result of the completed assessment.

This assessment framework supports the commitment in the Transforming for a Digital Future roadmap [9] that all departments will, as a minimum, meet the definition of “good” for product-centric organisational structures and agile ways of working when self-assessed against the new Digital Functional Standard [2].

This assessment framework is not intended to be used to assess individual services, programmes or projects.

1.2 Scope of this assessment framework

This assessment framework applies to the planning, delivery, and management of digital focused activities within government organisations. It applies to government departments and arm’s length bodies.

This framework is a tool for continuous improvement, providing organisations with a practical approach to assess their maturity and identify areas of support in setting up appropriately to deliver digital transformation.

Further guidance on the scope of assessment frameworks can be found in the Guide to continuous improvement against functional standards [1].

2. Using this assessment framework

2.1 How this assessment framework relates to the functional standard

This assessment framework is intended to be used alongside the Digital Functional Standard [2] and aims to provide government organisations with a practical approach to assess their maturity against the standard. It is intended to be used so that the organisational leaders can plan improvement initiatives where needed, to support a focus on continuous improvement.

2.2 The structure of this assessment framework

This assessment framework is structured in a manner that intends to give organisations an indicative picture of maturity across digital themes. This design choice is in place to help organisations analyse their own functional performance in each key digital area to understand where and how they might be able to further improve. The content is structured by:

Theme: The overall topic area being covered.

Practice Area: A specific section of the theme being addressed.

Assessment Criteria: The statements to be met within each practice area.

The assessment criteria, for each theme and practice area, is made up of sets of statements organised into different indicatory levels of organisational maturity and capability against the aspects of the standard. These levels range from non-compliance or in the process of adopting (Developing), through to meeting the minimum requirements (Good), and onwards to Better and Best (visualised below).

Figure 1 Good, Better and Best

Assessment frameworks are based on statements drawn from the functional standard and weighted for importance.

Good means that all mandatory elements, and the most important advisory elements, are met. In order to be good, better or best, an organisation would need to meet all the criteria for that level across the framework.

2.3 Using the output of an assessment

Completed assessments can be used to help identify improvement initiatives within an organisation and as an input to continuous improvement activity.

It should also be clear that organisations should prioritise and de-prioritise any areas according to their specific needs, and focus first on developing maturity in those themes that are most appropriate for them. This will differ across government organisations, each of which has its own demands and priority concerns within digital and there is no prescribed order of focus beyond ensuring that all criteria are a minimum of ‘good’.

The completed assessment framework is for internal use only. It is designed to generate frank and open conversations around performance and maturity, and help organisations identify areas for improvement in line with the functional standard.

2.4 The structure of this assessment framework

The table below sets out the structure of the assessment framework, listing the practice areas addressed in each theme.

Theme 1 Governance of Digital, Data and Technology
1.1 Governance and strategy
1.2 Assurance
1.3 Capability
1.4 Product-centric organisational structures and agile ways of working
Theme 2 Services
2.1 Service management
Theme 3 Technology
3.1 Technology roles and governance
Theme 4 data
4.1 Data roles and governance

3. Assessment framework

3.1 Theme 1 Governance of Digital, Data and Technology

Governance comprises prioritising, authorising, empowering, overseeing, and assuring performance, to ensure the objectives of the organisation are met within the defined constraints.

Practice area: Governance and strategy

A governance and management framework is defined and established to manage digital, data and technology related activity and ensure governance is effective and structured. Roles and responsibilities are assigned to people with appropriate seniority, skills and experience. A digital strategy is developed and maintained by an organisation to set ambition for organisation-wide digital transformation, and to guide digital, data and technology in organisations.

Note: Related to Digital Functional Standard sections: 4.1 Governance and management framework, 4.2 Strategy and planning and 4.5 Roles and accountabilities.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. The organisation’s digital strategy considers the cross-government 2022 to 2025 Roadmap for Digital and Data [3], as set by the Central Digital and Data Office (CDDO). i. The organisation’s digital strategy is defined, measured, communicated regularly, and where possible, is published publicly. l. The organisation’s digital strategy exceeds targets set by CDDO and/or is delivering to the commitments ahead of schedule.
b. The organisation’s digital strategy is aligned to the organisation’s strategy. j. The organisation’s digital strategy is an enabling component part of the organisation’s wider strategy. m. The organisation’s digital strategy is integrated as a primary mission in the organisation’s wider strategy.
c. Senior leaders across the organisation are involved in setting the organisation’s digital strategy and priorities, and are regularly updated on its progress k. Senior leaders across the organisation are responsible for outcomes of the digital strategy relevant to their function. n. Senior leaders across the organisation consistently demonstrate a deep understanding of the digital strategy and its priorities, and are actively engaged in promoting the strategy internally and externally.
d. A governance and management framework for managing digital, data and technology related activity is defined, established and documented.    
e. Where appropriate, organisations support the development and implementation of the cross-government digital strategy and its commitments (for organisations required to meet the 2022-2025 roadmap commitments [3] this is evidenced by reporting against the cross-government digital strategy and commitments to CDDO on a quarterly basis).    
f. Organisations ensure that sustainability is a key consideration when designing digital solutions (including services) and they adhere to relevant legislation where required.    
g. Organisations ensure a senior officer accountable for the organisation’s digital strategy and planning is assigned.    
h. The senior officer accountable for digital (in most cases the Chief Digital Officer) sits on the organisation’s most senior decision governance forum.    

Practice area: Assurance

The purpose of assurance is to provide confidence to senior leaders and stakeholders that work is controlled and supports efficient and successful delivery of policy, strategy and objectives.

Note: Related to Digital Functional Standard sections: 4.3 Assurance and 4.4 Decision making.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. Organisations have an established digital assurance function that maintains a pipeline of current and future delivery and procurement of digital products and services. d. The organisation can demonstrate evidence of a clear process for capturing and eliminating duplication of digital spend and delivery. f. The organisation’s digital assurance function improves and innovates its processes to improve impact and reduce administrative burden on delivery teams and actively supports the cross-government assurance community by sharing best practice across government.
b. The organisation’s digital assurance function is adequately resourced to manage the pipeline, assure spending plans and assess digital services promptly. e. The organisation tracks savings and benefits delivered through its digital assurance capability. g. All digital delivery in the organisation is represented on the pipeline, and assured when delivery is of medium or high risk and impact.
c. Organisations comply with digital expenditure controls guidance.    

Practice area: Capability

Digital, data and technology capability is a priority profession in an organisation, and digital skills are developed across the organisation.

Note: Related to Digital Functional Standard sections: 2. Principles, 6.3 Deployment and operation of technology, 8.11 Digital capacity and capability and 8.13 Purchasing and contract management.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. All civil servants within an organisation are able to undertake digital training. e. The organisation has a plan for all civil servants to undertake digital and data essentials training. h. All civil servants within an organisation have undertaken digital and data essentials training.
b. - All senior civil servants within an organisation have undertaken digital and data essentials training. f. - All civil servants within an organisation have undertaken digital and data essentials training. i. All senior civil servants within an organisation have gained external digital exposure. This could be evidenced by a secondment, shadowing or regularly attending digital conferences.
c. Organisations have a defined strategy for the ratio of civil servants to outsourcing of their digital, data and technology workforce with a plan in place to implement. g. Organisations are meeting the ratio of civil servants to outsourcing of their digital, data and technology workforce.  
d. - Organisations ensure their digital, data and technology workforce is sufficiently resourced to deliver the business and user needs (the 2022-2025 roadmap commits that at least 6% of the overall workforce of the Civil Service will be members of the Digital, Data and Technology   profession.)    

Practice area: Product-centric organisational structures and agile ways of working

Organisations ensure the right structures and ways of working are in place to drive digital transformation and promote digital, data and technology, with a priority focus on agile and product-centric ways of working.

Note: Related to Digital Functional Standard sections: 2. Principles, 3.2 Digital transformation, 8.2 Delivery approach and 8.3 User-centred design

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. A number of digital service delivery teams in the organisation are multi-disciplinary. This is evidenced by service delivery teams comprising people from across the business, including policy and operations, actively collaborating in the analysis, design, development and testing of solutions. f. The organisation has a plan to ensure all service delivery teams are multi-disciplinary. i. All digital service delivery teams in the organisation are multi-disciplinary.
b. Agile is the preferred way of working in the organisation for most digital services teams. This means that most digital services are developed by teams that are typified by collaboration, prioritisation, iterative and incremental delivery and timeboxing. g. The organisation has a plan to implement agile as the main way of working across all their digital services. j. - Agile has been implemented across the organisation for all digital services teams.
c. A number of teams in the organisation deliver digital services using a product-centric approach by funding, structures, and delivery being centred on user needs. h. The organisation has a plan in place to move all digital services teams to deliver using a product-centric approach focused on user needs. k. All digital services teams in the organisation deliver using a product-centric approach focused on user needs.
d. Organisations involve digital colleagues in the early stages of policy development    
e. Organisations involve digital colleagues in the early stages of a project or programme to ensure it meets digital principles relating to procurement and delivery.    

3.2 Theme 2: Services

Services in an organisation are developed, managed, improved and, where needed, retired. Services are delivered digitally, where possible, and that delivery should be developed and delivered through multi-disciplinary teams using agile management techniques and frameworks. Services are delivered in accordance with the Service Standard [4], and are responsible and resilient.

Practice area: Service management and accessibility

Services are managed by an accountable service owner. The service owner should define and collect performance metrics, taking account of guidance set in the cross-government performance framework. Targets for performance of the service should be established and managed. Making services accessible and inclusive means ensuring that any potential user is able to use the service regardless of their personal characteristics, situation, capabilities or access needs, and is given equal access and opportunity to do so.

Note: Related to Digital Functional Standard sections: 5.1 Overview, 5.3 Service design and development and 5.7 Accessible and inclusive services.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. Organisations ensure that digital services have an accessibility statement that explains how accessible the service is, as required by the Public Sector Bodies (Websites and Mobile Applications) (No.2) Accessibility Regulations 2018. e. Organisations ensure that the accessibility of digital services are maintained at least yearly. h. Organisations ensure that the accessibility of digital services are maintained and iterated on a monthly basis.
b. Policy owners and those accountable for service delivery work together in cross-functional teams under a single service owner (See note 1) f. There is a single service owner accountable for the ownership and management of each end-to-end product or service.  
c. Digital services are designed and managed to meet the needs of users with defined ranges of abilities, and meet relevant accessibility requirements and legislation. g. Organisations spread accessibility best practice, such as by the publishing of blog posts and speaking at internal and external events on the subject.  
d. Service owners report on the performance of their services to their organisation at least quarterly using the CDDO framework, and make their reporting available to CDDO.    

Note 1 - The Central Digital and Data Office (CDDO) has developed a role description for Single Service Owners and is working with departments to test and refine this.

3.3 Theme 3: Technology

An organisation’s technology architecture reflects the technology strategy, supports existing and future delivery of the organisation’s services, and is deliverable within the organisation’s risk appetite. Technology used within and by an organisation should be understood and managed, with suitable governance controls in place to reduce or remove legacy technology, manage technical debt, track alignment with other organisations and understand vendor usage and supply chain.

Practice area: Technology roles, governance and management 

Technology roles and responsibilities are assigned to people with appropriate seniority, skills and experience. Senior technology roles attend the right governance forums, and appropriate technology discussions are held in the right forums. Organisations have mechanisms in place for managing and continually improving its technology solutions, so that changing requirements are identified, and business and user needs continue to be met.

Note: Related to Digital Functional Standard sections: 2. Principles, 6.1 Overview and 6.2 Technology development and maintenance and 6.4 Technology retirement and 8.7 sustainability.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. The organisation procures and manages a single cloud platform centrally. i. The organisation procures and manages at least two cloud platforms centrally, with approximate feature/service parity. n. The organisation continually improves at least two cloud platforms centrally as products.
b. Organisations ensure technology is made available to share and reuse across government organisations and functions. j. - Organisations are active contributors to open source repositories. o. - Organisations publish the majority of their code openly and publicly, where possible.
c. Organisations have a documented view of all legacy technology in their estate, including red-rated legacy [5], and have a fully funded remediation plan in place. k. Organisations do not have any red-rated legacy technology and maintain a robust remediation strategy for any remaining legacy components. p. Organisations continually assess and effectively manage their technology to prevent it from becoming outdated or obsolete, following industry best practices.
d. Organisations have a documented infrastructure hosted in either Public Cloud, Crown Hosting or at a managed on-premises data centre, with a plan in place to migrate all infrastructure to Public Cloud. l. - Organisations have a documented infrastructure hosted in either Public Cloud or Crown Hosting. q. The organisation’s infrastructure is hosted in Public Cloud for OFFICIAL and Private Cloud for SECRET.
e. - A senior officer accountable for technology in each organisation is assigned m. The senior officer accountable for technology in each organisation sits on the central technology governance forum (the Chief Technology Officer Council).  
f. Legacy technology risks are highlighted and managed at the organisation’s most senior decision governance risk register.    
g. Organisations have a defined strategy for the supply and management of their services and technology, whether built and managed by the organisation, supplied and managed by a third party, or delivered through a combination of both approaches.    
h. Disposal of technology meets security requirements, and any physical hardware disposal is, where possible, recycled using recognised and sustainable approaches. Relevant sustainability legislation is identified and complied with.    

3.4 Theme 4: Data

This section sets expectations for managing and maintaining data to benefit the public and government. Data should be treated as an important corporate asset that supports the organisation’s business and service delivery.

Practice area: Data roles and governance 

Data roles and responsibilities are assigned to people with appropriate seniority, skills and experience. This includes, but is not limited to, the activities, outputs or outcomes they are responsible for, and the person they are accountable to. Senior data roles attend the right cross-government decision-making forums. Data is managed and treated as an important corporate asset that supports the organisation’s business and service delivery. Personal data is handled in accordance with Data Protection, GDPR and other security advice.

Note: Related to Digital Functional Standard sections: 2. Principles, 7.1 Overview and 7.2 Data management principles and 7.3 Data frameworks and operating models.

Good
Criteria denoting good performance
Better
Criteria denoting better performance
Best
Criteria denoting best performance
a. - Organisations make use of cross-government data guidance and frameworks [6]. f. Organisations take action on areas of improvement highlighted by cross-government guidance and frameworks. j. Organisations have an embedded culture of continuous improvement using cross-government guidance and frameworks.
b. Organisations have undertaken a data maturity assessment [7] to measure and understand their ability to use data to achieve core business objectives. g. Organisations use the results of their data maturity assessment to make targeted improvements to their data ecosystem (see note 1). k. Organisations routinely use data maturity assessments to identify and mitigate strategic risk arising from low data maturity, and maintain higher maturity where required to deliver business objectives.
c. Organisations are moving towards a whole enterprise approach to data sharing, starting with essential shared data assets and engaging with central data sharing mechanisms [8]. h. Organisations are embedding a culture of whole enterprise data sharing, encompassing essential and non-essential shared data assets. l. Organisations take an open and transparent approach to data shared across government, reporting publicly where legally appropriate.
d. A senior officer accountable for data in each organisation is assigned. i. The senior officer accountable for data in each organisation sits on the central data governance forum (the Chief Data Officer Council).  
e. There is appropriate accountable ownership for all aspects of data management, including data quality, protection, security and ethics.    

Note 1: A data ecosystem is a network that allows for data management, storage use and exchange

4. References

All references are correct at the time of publication, users should check for updated versions.

ID Description
1 Cabinet Office, Government functional standards and associated guidance (Collection)
Note: this collection includes the common glossary for functional standards and guidance on conducting continuous improvement assessments.
2 Central Digital and Data Office, GovS 005: Digital Functional Standard (2023)
3 Central Digital and Data Office, Transforming for a Digital Future (2022)
4 Central Digital and Data Office, Service Manual
5 Central Digital and Data Office, Legacy IT Risk Assessment Framework (2023)
6 Central Digital and Data Office, Data Ethics Framework (2020); Central Digital and Data Office, Algorithmic Transparency Recording Standard Hub (2023)
7 Central Digital and Data Office, Data Maturity Assessment for Government: Framework (2023)
8 Central Digital and Data Office, Data Sharing Governance Framework (2022)
9 Central Digital and Data Office, Transforming for a Digital Future roadmap (2023)

5. Glossary

Please refer to the glossary of definitions in Government Functional Standard - GovS 005: Digital.