Contents on this page correlate to section 2.9 in the SDA Reuse Policy PDF
Compliance requirements
SDA Owners
Owners of endorsed Core and Common SDAs need to be compliant to this policy. An owner is non-compliant when they do not submit–fully or in part–the requested biannual report and attestation. Compliance will be monitored by DSIA. Non-compliance would be considered a breach of the SDA owner’s responsibility as defined in this policy and could result in funding implications for the SDA. The TDAG may request the SDA owner to provide justification to the DTB. Compliance will be reported on a regular cadence to the IDLG and DTB.
SDA Users
NSW Government agencies must use Core SDAs and should use Common SDAs. An agency is non-compliant if they procure or migrate to a solution that is not an endorsed Core or Common SDA and they do not have an approved reuse exemption. An agency that is non-compliant to use of a Core or Common SDA will be in breach of the agency responsibility, requiring justification to the TDAG.
If the TDAG agrees that an SDA could be used, the non-compliant agency will be required to provide a plan to how they will become compliant. Acceptance of the plan by the TDAG will be required, with escalations to IDLG or DTB if needed. Non-compliance may result in implications to the funding of the agency’s solution.
Compliance is managed and monitored by DSIA via:
- the ICT Digital Assurance Framework (IDAF)
- the NSW whole of government pipeline
- compliance will be reported on a regular cadence to the IDLG and DTB.
Previous
Next
SDA Reuse Policy
- Policy statement
- Principles
- How SDAs are identified and prioritised
- How SDAs are determined for agencies to use
- How SDAs are assured to continue to provide value
- Digital assets agencies must use
- Exemptions
- Reporting requirements
- Governance
- Compliance requirements
- Funding
- Support for SDA owners
- Ownership
- ICT industry involvement
- Usage reporting requirement
- SDA criteria
- Glossary and related documents