SW03510 - Business Unit Policies and Assurance Checks: Security and Information Business Partner (SIBP) and the Data Usage Agreement

The Security and Information Business Partner (SIBP) has overall responsibility for the effective management of data held within Shared Workspace (SW).

The Security and Information Business Partner’s responsibilities include

• supporting the application made by the SW Business Sponsor for use of the service
• completing the initial Data Usage Agreement
• completing an annual Data Usage Agreement

A Data Usage Agreement is required for each application made and the bespoke Shared Workspace Data Usage Agreement template is available for this purpose.

The template must be sent from the Security and Information Business Partner’s email address to the SW Business Sponsor as this is evidence of the Security and Information Business Partner’s approval; equivalent to a hand signed document.

Data Usage Agreements must be retained in line with your business units retention policy. Each Business area maintains and publishes their own retention and disposal schedules and your Information Partner will be able to help you find them. There is a link to Information Partners on the S&I Zone A-Z.

Completion of Data Usage Agreement

The Data Usage Agreement is a record of the agreement between the Business and the Security and Information Business Partner (SIBP) giving assurance that the data held in each Deployment of Shared Workspace,

• Does not and will not exceed the Government Security Classification of Official Sensitive.
• Correlates with the purpose of the SW Deployment as stated in the Data Usage Agreement.