The Data Assurance Group has established a toolkit to help members of the University assess the risk associated with the completion of data returns and set out a coherent process for doing so. The process is outlined in the detailed guidance on Data Risk Management and Assessment (39kb).
For each return (which may be annual or at another frequency, which may be several years), a Risk Register and accompanying Risk Assessment should be completed at the start of compilation (normally at the point at which formal guidance has been issued and before embarking on compiling the return) and presented to the Data Assurance Group for review at its next (termly) meeting.
For those returns presenting as high net risk (defined in the toolkit), or where the commissioning body requires the Vice-Chancellor to sign off the submission, a review should also be completed prior to submission. Good practice would be to conduct a review even when not falling under these criteria to ensure that learning from one submission is available for the next occasion, although there is no requirement to submit this to DAG unless there has been a major change during the compilation process or a reportable event.
Please see the following templates for assessing data risk:
Please send copies of completed risk registers and review sheets to DAG via the Group’s Secretary: Benjamin Neudorfer
