The role of information asset owners in government
Guidance for public sector organisations on who information asset owners (IAOs) should be, what they’re accountable for and how they should carry out their role.
Documents
Details
Information asset owners (IAOs) play a vital role in protecting one of the government’s most valuable resources: its information. IAOs should use this guidance to carry out their role.
Updates to this page
-
This guidance has been updated following the Information Security Review in 2023, and cross-government user research. We've also made improvements for accessibility.
-
Changes to: - align with Government Security: Roles and Responsibilities 2018 (removing reference to the mandation of positions such as Senior Information Risk Owners and Departmental Security Officers); - align the Role of the Information Asset Owner section with policy text included in Government Security Classifications Policy 2023; - remove out of date staff training and reference the new Security and Data Protection module on Government Campus; - update references to the Data Handling Review; - include reference to departments publishing a list of their IAOs; - update the executive summary; - remove out of date annexes; - make organisational responsibilities clearer under new subheading; and - change references to the Security Policy Framework to GOV007 Functional Standard Crown copyright page updated. Minor changes to formatting and branding.
-
Guidance updated in line with GDPR.
-
First published.