HESA - Data Capability Toolkit
This self assessment tool is used to identify the aspirational maturity level for your institution. The assessment is part of the HEDIIP data capability toolkit which can found here:
Name of Submitter
Position in Institution
1 - How will data accountability and ownership be managed across the whole organisation?
0. Our data sets will have no clear accountability for ownership or sign-off
1. Responsibility for data will be held informally by the registry
2. Core Datasets will be a jointly owned asset between those managing the data and those accountable for it. Non core data still has unclear accountability
3. Core datasets will have visible and respected accountability, while non core data continues to reside in teams or departments where ownership and accountability is unclear
4. We will have a senior management sponsor for all data assets in our organisation. Information asset ownership will be embedded and distributed across the organisation
2 - What cost and value should be understood from data, and the outputs derived from that data by the organisation as a whole?
0. The value of outputs from data continue to be unknown - both in terms of what they are for and to whom they may provide value
1. Data will be understood to be the source of some recognised outputs, but the cost of production is not understood
2. Data will be valued as the source of our key institutional, statutory and internal outputs and the costs are understood
3. Data outputs will be of appropriate cost and quality to match the expectations of what is required
4. The outputs of data will form an integral part of how we deliver our most important services, and their value shall be well understood across our whole organisation
3 - How will data presented in the organisation?
0. Data will have no formal presentation. There will be no link between what the organisation does and the data which supports it
1. Data shall be represented in low level technical models to aid daily operations and systems development. It will rarely be surfaced outside IT/IS and the registry
2. Data will be represented through a variety of models and schematics but not well integrated with wider business operating and change models
3. Data will be represented as a 'journey' or 'supply chain' as part of wider business processes so ensuring value/dependencies/criticality is understood by all
4. We will co-create a common business vocabulary for data which builds into a master view of the data journey through the organisation
4 - Will specific roles exist for data management activities e.g. Data Steward, Data Architect, Data Analyst, Report Developer?
0. We will not have specific roles and do not have any concept of why we would need them
1. We perform the most basic data management roles, mainly around data cleaning - they will not be formalised
2. We will have some formal data management roles, primarily in operations but the stewardship roles are not filled outside of the registry
3. We will have a number of data specific roles which confer accountability across a variety of departments, for both operations and business change
4. Our organisation will have a range of data 'super-users' in every part of the business advocating and supporting data as an organisational asset
5 - Will data improvement proposals be sponsored at a senior management level?
0. We will have no data improvement proposals sponsored at a senior level
1. We will have some that tend to be specific to big problems we're trying to fix. These initiatives can get priority if they are deemed important
2. Senior management are aware of the value of data improvement, but support is project or issue based
3. Some data improvement initiatives will be supported/run at a senior management level although they often lose support in the long-term
4. All data improvement initiatives will be sponsored by senior management with strong support for providing the resources needed to undertake them
6 - Will data management issues and/or risks be recorded in auditable logs and/or risk registers?
0. We will not perform risk assessments on our datasets. Therefore nothing will be recorded in any logs
1. We will record risks and issues in our business unit / departmental risk logs although not always with mitigation
2. We will record and review risks and issues in our corporate risk logs
3. We will effectively manage risk with data using appropriate governance, mitigation, escalation and regular assurance
4. Risk and quality will be actively managed for all datasets. Breaches and metrics will be flagged and responded to by senior management
7 - Will data management principles and goals be embedded into wider policy documents?
0. We don't believe data will be referenced in any organisational policies
1. We will have some policies around data but they are not well communicated nor respected
2. We will have data policies, but we rarely invoke sanctions if they are breached
3. We will build actionable policies across multiple functions and they will form part of our wider policy library
4. We will ensure that the principles and goals of best practice data management are embedded and advocated in all appropriate policy documents
8 - What will be your organisations approach/capability around data analytics?
0. We will have no analytics capability other than spreadsheets in individual departments
1. Data will not be in a state where it can be easily analysed to support operational or strategic decision making
2. We will have a basic, people driven analytical capability for one or two datasets
3. A Business Intelligence (or similar) function shall be in place to provide decision support to more than one department/faculty
4. We will have made an investment in predictive analytics capability and supporting technology in support of our most important activities and aspirations
9 - Will data be collected for which there is no obvious purpose or value?
0. We will continue with data collection for no obvious rationale other than 'we've always done this'
1. We will continue to collect data we don't use or collect more than once. We don't know if something will break if we stop collecting it
2. There will continue to be some confusion around why some data is collected, but we will understand our primary data feeds and where the master copies are
3. We will use our data models, data governance and business processes to root out unnecessary data
4. We will regularly review our data collection activities in line with our operational and strategic needs. Data collection shall be driven directly from these models
10 - Will the quality of data be regularly problematic in terms of frequent and/or repeatable operations?
0. Data will be of inconsistent quality, and that quality is impossible to measure
1. We will continue to clean data far too late leading to much duplication and quality issues
2. Our core datasets will be of an acceptable quality, but its hard work to keep them that way
3. We will set, monitor and maintain quality metrics for the majority of our data, and at least some of the remedial work shall be automated
4. We will ensure our data is rigorously maintained to the published levels of quality using well understood metrics
11 - Will there be multiple copies of the datasets with little or no reconciliation?
0. Yes. We still will have no idea how many, where they are or what they are used for. Therefore no master copy shall exist
1. Faculty and registry data will not reconcile and changes will not supported by robust business process and/or data governance
2. We will have basic mastering/single version of the truth for our core datasets, even if this means we will just know where the copies are
3. A single version of the truth will be in place, in line with our data models and data governance for core datasets
4. Our data will be created, integrated, consumed and purged with traceability to the master data model, and supported by rigorous business process
12 - How (if at all) will meta and reference data management be used in the organisation?
0. We won’t have any formal meta and/or reference data available for any of our core or non core datasets
1. Meta and reference data will be used - where available - to help understand impacts to datasets, but no formal taxonomy/dictionary is in place
2. Meta and reference data will be available (if not complete) for the core datasets, but generally developed and maintained within the IT or operations team
3. Meta and reference data will be developed by the information asset owners and will be available as part of a lineage/audit process of change
4. Meta and reference data will be complete, rich, managed and maintained. No ambiguity means high re-use and accelerated development of new services
13 - Will those working with the data be constantly 'running to stay still' to deliver the required outputs?
0. It still will feel like we are firefighting, because we are struggling to keep up with demands of operational and change activity
1. People will have to go to extreme lengths/work long hours just to 'keep the lights on' so there will be no time/energy to improve anything
2. Our most repeated activities will be reasonably well resourced. We will struggle to deal with change or new initiatives
3. Our daily activities will be well understood, staffed and processed efficiently. We will be able to handle unexpected events and periods of additional work
4. Daily activities will be largely automated and supported by simple business processes. It shall be very rare we need to intervene
14 - Will data activities be prioritised over other things that need to be done?
0. The only priority for data activities will be to fix whatever is broken right now!
1. Other activities will always be seen as more important than improving our data management capability
2. Known data outputs - especially those relating to funding or regulatory matters - will be prioritised. But improvement activity will not
3. Priorities will be embedded in the data improvement plan which shall be sponsored by an accountable individual. We will modify this as new priorities emerge
4. Data activities will be core to our operations and strategy and therefore will be considered a high priority activity
15 - Will there be an understanding of best practice in data management and/or formal Data Governance?
0. We will still have no concept of best practice. Our data management will be chaotic
1. There will be little best practice or data governance activity outside of maintaining regulatory compliance/statutory reporting
2. The data management function will be fit for purpose and no more. Therefore we will have some best practice but it will not be organisation wide
3. We will trust (most of) our data, understand it, and know what will happen when we change it. Our best practice and governance ensures we shall look after it
4. We will have a defined and respected data principles, goals and practices which are consistently applied to all of our data operations
16 - Will the organisation have an approach/plan to improving data quality, and if so how is that manifested?
0. We will not have an approach to improving data quality
1. We will have some good ideas, but nothing formal enough to call a plan
2. We will have data quality targets and Key Performance Indicators (KPI), but these shall not be regularly assessed or challenged
3. We will have a data quality plan with performance measures that are monitored and assessed
4. Our data quality plan shall link the outputs to the wider organisational initiatives and will be monitored by senior management
17 - How secure will your data be, and how is that security maintained and audited?
0. We won't know whether our data is secure, and we won't know how to find out
1. We won't have a risk management framework or data governance activities to support known risks in our datasets
2. We will have a recognised security framework for our core datasets, and have sufficient confidence in that to be formally internal audited
3. Our data will be secured in line with the organisational risk appetite and we expect to be regularly externally audited to ISO / other respected standards
4. We will ensure all data is security marked in line with our published framework. We will run regular sweeps and tests to ensure auditing to the highest external levels
18 - Will your organisation have repeatable/documented processes to undertake the most frequent internal data operations?
0. Extracting, transforming and loading data will still be very expensive to do as it won't be standardised - even for frequent operational activities
1. Do and forget mentality - so no defined business process for many repeatable activities
2. Our business processes will be at well enough definition to produce timely and accurate organisational outputs and external returns
3. We will have repeatable and well understood processes to create/assure our most repeatable transaction and outputs
4. Our processes will be fully integrated with our organisations operating model and the majority of our data operations will be automated
19 - How will business processes be aligned to external returns and reporting obligations?
0. We will start again every time because we don't have time to document the processes to create the outputs
1. There will be a process for returns/reports but it will need to be augmented by 'workarounds' that are held in the heads of individuals
2. Our processes will be documented and can be carried out by any trained individual. We struggle when the process doesn't create the output we expect
3. Returns and external reports will be documented, understood, respected and mostly automated
4. Our operating model shall includes processes, dependencies, timings, metrics for all reporting obligations. Rarely will these need human intervention
20 - How will issues be tracked, resolved and audited?
0. We will fix on fail. No analysis of why the failure occurred will be done. We will not track issues after resolution
1. We will track issues as they occur, but we will not have time for root cause analysis unless it's a very serious issue
2. We will track and record all data issues, but we will not record the resolution in a way it can be re-used
3. We will track, priorities, record issues in a way they can be used in future problem management activity, and be auditable to ISO / other standards
4. We will collect, priorities, resolve and record all issues in a standard management framework which includes sophisticated root cause analysis
21 - How cross functional will collaboration be to mitigate risks / fix problems with data?
0. There will be no collaboration between cross disciplinary teams to diagnose/troubleshoot/resolve data issues
1. There will be some ad-hoc collaboration between IT, operations and other business units to fix serious problems
2. We will create a forum for sharing issues around quality and other data management issues which meets regularly and is respected
3. Multi disciplinary teams will work together to resolve data issues - either tactically or as part of a data improvement programme
4. Data issues will be worked on collaboratively between all functions, and prioritised according to wider business initiatives and needs
22 - How will data management processes be integrated with wider business processes?
0. We will not map out any processes for data so we cannot integrate them with wider business processes
1. We will have some defined data processes but they will not be well aligned with wider business process
2. We will have mapped out our operational processes allowing us to replicate frequent activities in our operational/departmental teams
3. We will have clearly mapped the flow of information across the organisation in order to understand the impact of business change on data models
4. Data processes shall be clearly documented and rigorously maintained, performance monitoring will be in place as a business as usual activity
23 - How will the impact of organisational change be assessed against current or future data management capabilities?
0. We will not consider the impact of change at all. We will just try and fit it in as it happens
1. We tend to find out about it after everyone else! It is difficult to understand the impact as we don't fully understand the current state
2. We will generally be represented on the larger projects and change initiatives, but we still find out about many changes too late to analyse them properly
3. We will work with project/change teams to ensure data assets are built/maintained as part of these changes
4. Data capabilities play a full part in organisational change. Impact assessment is undertaken early and changes are fully assessed before taking place
24 - Will the organisation measure data quality, If so, how will metrics be set and who will monitor them?
0. We won't measure quality or create any other data specific metrics
1. We won't provide quality measurements regularly, but we will be able to deliver it on a per project/per issue basis if needed
2. We will have only patchy measurement around the core datasets
3. We will have metrics and quality assessment in place for data deemed important by senior management
4. Organisation wide data quality (and other metrics) will be monitored as a business as usual activity at the most senior level
25 - How will data support evidence based decision making?
0. Decision making will continue to be largely intuitive and not supported by data
1. Data will be used to support decisions but the quality is poor or unknown
2. Data will be trusted to support a number of key decisions for daily operations and planning purposes
3. Data will be trusted, accurate, timely and available for supporting operational and strategic decisions
4. Data will be presented in customisable, analytical output and provides sophisticated what-if analysis
26 - Will there be a business continuity process/strategy for data assets?
0. There will be no plan for business continuity which includes data
1. There will continue to be a lack of and/or untested business continuity around the information assets
2. Data will be included in the plan, but will not be tested
3. Data will be a key part of the Business Continuity Plan (BCP) and well integrated with the operational processes that come into play during such an event. We test it at least annually
4. Data shall drive a significant portion of the BCP plan as data availability is core to our operations during an event. We will ensure the plans are always up to date and regularly tested
27 - How well does the wider business understand the role of IT around managing and using data?
0. There will be no recognisable understanding from any business unit of how data is managed by IT
1. It will be understood that IT is responsible for the storage and backup of data and some of the tools to manage it
2. IT will be included in wider business processes around outputs, but not fully integrated with new requirements and change
3. IT shall have a peer relationship with the wider business where the value of the electronic management of data is understood, although not always respected
4. Operational and change activity will be seamlessly integrated between IT and the wider business with all roles and responsibilities defined and understood
28 - What will the function of data architecture be in your organisation (if it exists)?
0. There will be no concept of data architecture in our organisation
1. There will be no formal data architecture but some of the concepts are partially implemented in our governance activities
2. We will have a data architecture function but it is unlikely to be fully staffed, nor have a mandate for real enterprise wide change
3. Data architecture will be understood and embedded but not across all disciplines. We will use target architecture to steer our change/development
4. Data architecture shall form part of our wider strategic governance and play a major part in operation and change within the organisation
29 - How will technology solutions support the organisations data lifecycle (e.g. acquire, clean, use, archive, purge)?
0. Technology dependencies will continue to hinder us in managing our data
1. Technology will not support our data lifecycle in any recognised manner
2. We will have limited data management specific technology which is not/partially integrated with wider management solutions
3. We will use technology to actively support and develop our data lifecycle management
4. We will manage data across its full lifecycle by analysing, improving and controlling information assets
30 - How will data be mastered and modelled?
0. All our data will be in Silo. There is no modelling or analysis performed when creating or modifying datasets and entities within them
1. Our data will be primarily in silo, although we understand some of the key interfaces between the different systems and repositories
2. We will have the concept of mastering data through our primary datasets, but interfaces and extracts will still not follow a recognisable model
3. We will use Data Warehousing technology to bring together our datasets under the control of best practice master data management
4. We will have complete three layer models that drive our data design and our warehousing/BI ensures the whole organisation sees 'one version of the truth'
Do you wish to receive a copy of the sector wide analysis that will be published at a later data, once sufficient self assessments have been submitted?
Your assessment scores will be anonomysed as part of an analysis of sector wide data capability. Please confirm your acceptance of this by selecting ‘accept’ below. If you select ‘do not accept’ your score will not be used
Do not accept
Page 1 of 1
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google.
Terms of Service