Beta This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

Shared Workspace Business Manual

Using Shared Workspace: Controlling Access to Information


Information within Shared Workspace must be protected to ensure that only members witha specific business need and the appropriate authority are able to access the information.

Access to Information is controlled as follows:

  1. Registration and Enrolment
* HMRC users must be allocated the service before gaining access to the service [SW05210](
* Customers must represent a Customer Organisation accepted into Shared Workspace and be invited by an authorised Customer Nominated Contact before gaining access to the service [SW05230](
  1. Approval to become a member of a Room
HMRC Business Authorising Officers are responsible for authorising the addition of all HMRC Members [SW04225 ]( Customer Members to a Room [SW04235](
  1. Assigning Roles
When a member is added to a Room [SW05410 ]( are assigned a Role [SW05610 ]( controls which areas and information they have access to within a Room.
  1. Access controls
Shared Workspace is accredited by the Department to hold information that is marked up to and including Official Sensitive [SW03150]( Information of a higher marking must not be included. See the CSIR Help & Guidance pages for more detail about Government Security Classifications.  
When a member adds information to a Room they are responsible for considering and setting Access Controls [SW07410 ]( ensure only appropriate people are able to access it.
  1. Room Type
Rooms are created for either HMRC Only use SW06140 or for Customer use SW06150. Customer members can never have access to an HMRC Only Room.
  1. Room Banners
Particular care over access controls must be taken by HMRC members when adding information to a Customer Room. To act as a visual reminder to HMRC members of the type of Room they are working in, different coloured banners are used.