-

Why you need to assure your work

Assurance frameworks and processes are in place to make sure we're following governance requirements, and that we have appropriate controls in place to mitigate risks.

These also ensure what we design and build is of good quality, follows required standards, and is safe, secure, and trustworthy for our users.

Doing things the right way using principles, guidance and standards should not slow down the delivery of services and outcomes.

Not following assurance processes or working to the Service Standard, puts your service, and the department's reputation at risk.

Legal requirements

We are legally required to meet certain standards in our service delivery process, these include:

• General Data Protection Regulation (GDPR)
• The Data Protection Act 2018
• Equality Act 2010
• Public Sector Bodies (Websites and Mobile Applications) Accessibility Regulations 2018

You could be exposing the department to legal action, enforcement, or sanctions if legally required standards are not followed or assured effectively enough.

Accessibility non-compliance example

If you build a service which has not been tested thoroughly with people who use assistive technologies, people with access needs, or have not had an accessibility audit, you risk:

• preventing people from being able to use the service
• people making mistakes when using the service
• complaints from people or additional requests for support
• investigative action by Central Digital Data Office (CDDO)
• enforcement action by the Equality Commission
• creating extra work, which wastes time, money, and effort

You will be breaking the law if you put a service live with accessibility problems, and do not detail a plan for fixing them, or tell users about the problems in an accessibility statement.

---

Updated: February 2023

Part of Service assurance: step by step

1. 1 Check what assurance you need

   All digital delivery work in DfE will need some kind of assurance.

   1. Types of assurance
   2. Check what assurance you need for your service
   3. Why you need to assure your work

2. 2 Prepare for a discovery peer review

   1. What a discovery peer review is

   If you're a team having a peer review.

   1. Who should attend a peer review
   2. What to prepare for a peer review

   If you're an assessor.

   1. Your role as an assessor

3. 3 Book and manage a discovery peer review

   You need to give at least 5 weeks notice when booking a peer review.

   1. Book your peer review online
   2. Manage your peer review online

4. 4 After a discovery peer review

   If you're a team having a peer review.

   1. Receive feedback and recommendations in a report
   2. How to take action on any recommendations

   If you're an assessor.

   1. Complete the report

   Everyone involved in the peer review.

   1. Give feedback on the discovery peer review process

5. 5 Prepare for a service assessment

   Service assessments are done in the alpha, public and private beta, and live phases.

   1. What a service assessment is
   2. DfE panel assessments
   3. Cross-government panel assessments previously GDS/CDDO assessments

6. 6 Book a service assessment

   You need to give at least 6 weeks notice when booking a service assessment.

   1. Book your service assessment online

7. 7 After a service assessment

   If you're a team having a service assessment.

   1. Receiving the assessment report
   2. How to take action on any recommendations
   3. If you need a reassessment

   If you're an assessor.

   1. Completing the assessment report
   2. Reassessing the service