Guidance

Identifying and recording critical data assets

Updated 16 April 2026

© Crown copyright 2026

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/identify-and-record-critical-data-assets/identifying-and-recording-critical-data-assets

Who this guidance is for

This guidance is mandatory for UK central government departments and arm’s length bodies (ALBs) including:

  • executive agencies
  • non-departmental public bodies 
  • non-ministerial departments  

The guidance is optional for public corporations.  

Data management is a devolved issue, so administrations in Scotland, Wales and Northern Ireland have their own approaches to data sharing governance. Local authorities do not have to take these actions either.  

However, there are many benefits to aligning data sharing governance across the UK, and it’s important that administrations share good practice and learn from each other.

What critical data assets are

A data asset is a container that holds one or more data resources. The most common resources are data sets and data services. 

A data set is an individual, structured collection of data that can be accessed in one or more representations. Data comes in numbers, text, pixels, imagery, sound and other multimedia – any of which might be collected into a data set. 

A data service provides a way to access data sets – for example, through an Application Programming Interface (API) or File Transfer Protocol (FTP)

Critical data assets are the most important data assets that an organisation has. If that data stopped being available, it could prevent that organisation or another organisation who has access to that data from fulfilling important functions. 

Here we refer to critical data assets as the most important data assets that are shared across government. For example, if the data from one organisation helps another organisation deliver a public service or evaluate a policy. This could be data collected from people to claim a benefit which is reused for the purpose of research or the production of statistics.

We define critical data assets as: 

  • data provided by a government department or agency to another government department or agency, to support an essential process or purpose which is the responsibility of the receiving organisation 
  • data acquired by a government department or agency from another government department or agency, to support an essential process or purpose which is the responsibility of the acquiring organisation 

The receiving or acquiring organisation could include a devolved administration. 

A critical data asset can include data that is either: 

  • publicly available – also known as ‘open data’ 
  • restricted – it requires a data sharing agreement before it can be shared  

Critical data assets can cover all kinds of data, including reference data, and be in any format. Data included in a critical data asset may not always be generated by your organisation. It can include data purchased or commissioned – for example, through surveys.

Why critical data assets are important

Critical data assets are crucial both to your organisation and other parts of the public sector.  

At an organisation level, defining your critical data assets will ensure that your data assets are understood and appropriately resourced.  

This will help you to: 

  • manage risk – for example, to comply with data protection law and security policies 
  • avoid duplication of effort – for example, by reducing data collection exercises 
  • realise the full value of your data by making it accessible and reliable  

Critical data assets also help the government meet its strategic objectives by improving: 

  • data quality across government 
  • public service delivery 
  • the effects of policies and programmes 

Having better data – data that is trusted, findable, accessible, reusable and fit for its purpose – will improve decision making throughout the public sector.

Identify your critical data assets

Your organisation will need to engage with its directorates to identify, assess, agree and collate a list of designated critical data assets.  

This exercise should be led by your chief data officer, or the most senior official who is responsible for data across your organisation if you do not have a chief data officer.  

They will need to select a team or individual to lead the coordination of this work, as well as get input from your: 

If you’re a central government department, your team should coordinate the critical data assets for your ALBs

How to get started  

Your team should consider which of your organisation’s data assets there is demand for, and how much other organisations rely on that data.  

It may help to refer to your: 

  • data catalogues 
  • information asset registers 
  • register(s) of data sharing agreements 

You can also consider designating data assets that are of high potential reuse value that have not been shared yet. 

Prioritise data assets that support the delivery of the government’s missions and the services that your organisation delivers, including your Top 75 services.  

Ownership and accountability  

Every critical data asset your team designates must have an information asset owner or data owner. It’s important that a named responsible owner is always in place for data assets, particularly those which hold personal data.  

This will usually be a senior individual in your organisation. They will be accountable for the meaning, content, quality and distribution of that data asset.  

You should consider providing a mailbox email address as the contact details for your data asset. This can help you handle enquiries in a timely manner.  

Find out more about data ownership in government.

Identifying your source data set 

If you identify a particular distribution of a data set as a critical data asset, you should designate the source data set as critical data asset as well.

Purposes that critical data assets support

Each critical data asset should fulfil one or more of the following purposes. 

1. Public service delivery  

Data that supports an important service related to the delivery or administration of: 

  • education, training and skills 
  • taxation 
  • working age, disability or health welfare benefits 
  • state pensions 
  • justice 
  • environment 
  • business and industry 
  • transport 
  • ownership of land and property  

The organisation that receives the data is responsible for delivering the service. The service must be public facing and benefit an individual, household or business.  

2. Legislative, legal or contractual requirement  

Data that fulfils the conditions of specific legislation or a contract. 

The organisation that receives the data will use it to meet a regulatory or other legally or contractually defined obligation.  

3. Defence, national security and resilience  

Data that supports the delivery of a security, defence or intelligence purpose or process.  

The organisation that receives the data is responsible for delivering this purpose or process.  

4. Policy development and evaluation  

Data that’s required for: 

  • forming policies 
  • evaluating policies 
  • research  

This includes data that supports the development or evaluation of government policy commitments at various levels of maturity. For example, from exploratory stages to the delivery of green or white papers that the government intends to publish.  

5. Official statistics  

Data that’s required to produce national statistics or deliver official statistical products. 

You should not designate official statistics themselves as critical data assets. However, you should consider designating as critical data assets the administrative data, surveys, censuses and other data sources from which official statistics are produced. 

6. Public interest  

Data that’s of public interest. For example, data that is particularly valuable for promoting transparency and public accountability.  

7. Fraud and Error 

Data that supports the detection of fraud and error.

Record your critical data assets

Once your team has identified your organisation’s critical data assets, they must maintain a record that describes each one.  

The Government Digital Service (GDS) is developing solutions that will enable government organisations to discover and share data with each other in a simple, ethical and secure way. This government service will only hold information about the data assets (metadata), not the data itself. 

Prepare your metadata  

Your team should record metadata to describe each critical data asset.  

Examples of metadata include title, description and owner. There are hundreds of attributes for describing data assets. GDS will only collect attributes that cover the core information needed for each listing in its central data catalogue.  

Maintaining your metadata  

Your team should review the metadata for your critical data assets every 12 months to ensure it is accurate.  

Data owners are responsible for the metadata they provide about their critical data assets. There may be instances where data assets have changed and the metadata needs to be updated to reflect the changes. 

If a data owner leaves their role, they must: 

  • notify their team 

  • ensure there is a person ready to take on their role, and provide the name of this person so that metadata can be updated 

Where to get support  

The Data Frameworks and Standards and Data Management Teams within GDS are available to provide support and help you understand and implement this guidance. 

Contact the team at: GDSDataManagement@dsit.gov.uk.

Back to top