Introduction to assurance
Assurance refers to the process of confirming that something, such as a dataset or an organisation, meets defined standards. It combines technical checks (like whether data is machine-readable) with governance and legal considerations, including ownership and licensing, to establish trust in the data for decision-making, reporting, or product development.
In a data-sharing context, assurance helps everyone involved understand how much they can rely on the data and its source. It establishes trust in organisations, data, and the systems that connect them, while improving the quality and transparency of information for decision-makers by making it clear what published data is, who is responsible for it, and what it can confidently be used for.
Assurance helps to answer key questions:
- Who published this dataset, and can they be trusted?
- How accurate, complete, and up-to-date is the data?
- Does it meet legal, ethical, and technical expectations?
- Can it be used with confidence now and in the future for decision-making, reporting, or product development?
Icebreaker One (IB1) has developed an approach to assurance that provides a structured, transparent way to demonstrate that organisations and datasets meet agreed expectations for trustworthy data sharing. It helps data users understand how much they can rely on data, and data publishers show how they meet legal, technical, and governance requirements in proportion to how their data is used.
IB1 designs assurance to be adopted and governed by Schemes as part of Trust Frameworks, and tailored to specific use cases.
Assurance, Trust Frameworks and Schemes
Trust Frameworks operate at the sector level to collaboratively establish and maintain a light layer of identity management, governance, definitions, principles and open standards for data sharing, creating the foundations of a trusted data-sharing ecosystem.
Within this environment, Schemes define context-specific rules for particular data sharing use cases, providing technical, legal, policy and operational requirements for how data can be shared, by whom, and under what conditions.
Assurance is a core component of this structure, providing the mechanism Schemes used to:
- Publish verified organisational identity and responsibilities
- Signal the quality, provenance, licensing and governance of published datasets
- Support confidence, interoperability, and accountability across participants
A framework for consistent, scheme-specific assurance
IB1 assurance is designed to support scalable, interoperable data infrastructure through three guiding principles:
- Easy to find Machine-readable data and metadata enable datasets to be discovered, understood, and accessed efficiently by machines and humans, with clear signals about what exists, its origin, and permitted use.
- Easy to use
Explicit, published licensing metadata supports confidence in access and reuse - Trustworthy
Common rules for governance, security, liability, and redress reduce friction and enable data to be connected, reused, and trusted across sectors.
Guided by these principles, IB1 defines two complementary types of assurance:
- Organisational assurance confirms that an organisation meets baseline expectations for participating in a trust framework. This includes identity verification, governance practices, data handling responsibilities, and cybersecurity standards.
- Dataset assurance applies to individual datasets. It verifies things like metadata quality, data format, provenance, licensing, accessibility, and how consistently it is updated and maintained.
Generic assurance levels
IB1 has developed generic assurance levels for organisations and datasets, intended to enable schemes to provide a baseline requirement. These assurance levels are expected to remain consistent across IB1 Trust Frameworks. They can apply to both Shared and Open Data.
Generic assurance is expressed through four levels, ranging from Level 1 (minimum entry requirements) to Level 4 (comprehensive commitments to quality, transparency, and responsiveness). These progressive levels provide a common language for interoperability across trust frameworks.
The Energy Sector Trust Framework (ESTF) Assured Open Data scheme is an example of these assurance levels in use within the UK energy sector.
From generic assurance to scheme-specific assurability
Schemes define how assurance is implemented within their domain, setting out which assurance signals are required and how they are governed over time. In some cases, Schemes may define scheme-specific assurance or assurability frameworks, building on the same principles and structure.
For example, the Perseus Assurability Framework defines assurance signals, such as calculation methodologies, that are designed to support confidence in emissions-related data flows between small-to-medium enterprises and financial institutions. While tailored to its use case, it remains aligned with the same Trust Framework governance and assurance principles.
Operational guidance
As with all our work, Icebreaker One is co-designing Assurance with its members and the public in an open manner. It has and will continue to undergo refinement based on their feedback and input. Assurance is supported by practical guidance that helps organisations implement it consistently and transparently.
The ‘How to become an assured data publisher’ describes how to get your organisation and its data assured under the IB1 Assurance programme in a straightforward three-step process: Register, Prepare, Publish.
You can explore how IB1’s Assurance approach has developed in the Assurance timeline.