Service Standards and Service Assessment Policy
Classification: OFFICIAL
Policy Details
| Field | Details |
|---|---|
| Policy Identifier | JDDS-POL01 |
| Policy Owner | Head of Digital Compliance |
| Policy Sponsor | Chief Technology Officer |
| Date Created | 15/04/2026 |
| Date Last Reviewed | 15/04/2026 |
| Date of Next Review | 15/04/2027 |
| Expiry | When rescinded or replaced |
| Version | 1.0 |
Purpose
The purpose of this policy is to set out the organisation’s requirements for applying the principles set out in the Gov.UK Service Manual and participating in Service assessments for all digital services. It ensures that services are designed, delivered, and operated in a way that is user centred, accessible, secure, and provides value for money in line with the Government Digital Service (GDS) Service Standard and the Ministry of Justice (MoJ) Service Standard.
This policy supports consistent assurance, governance, and continuous improvement across the digital portfolio.
Scope
This policy applies to all digital services delivered, operated, or significantly changed by the organisation, including new services, live services, and services undergoing transformation or major change. It applies to all delivery phases, from discovery through alpha, beta, live, and retirement. It encompasses both transactional and non-transactional services, designed for internal users within the organisation and public facing services designed for external users.
The policy applies to all staff, contractors, suppliers, and partners involved in the design, delivery, operation, or assurance of digital services on behalf of the organisation.
Policy Statements
The following mandatory principles, standards and rules must be followed to ensure compliance with MoJ governance and assurance requirements:
Principles
All digital services delivered or operated by Justice Digital Data and Science must align with the Government Digital Service (GDS) Service Standard.
Service teams must apply the principles of the Service Standard throughout the service lifecycle, from discovery through to live and retirement.
Evidence of alignment with the Service Standard must be maintained and made available on request.
Services that meet the criteria for formal assessment must engage with the relevant service assessment process at the appropriate stage. Progression between delivery phases is dependent on meeting the required standard or agreeing proportionate actions where risks or gaps are identified, with those actions agreed with the relevant Service Standards function and, where appropriate, escalated through the appropriate governance route.
Service delivery teams must comply with the Service Standard and participate in required service assessments as a core part of the MoJ assurance, governance, and continuous improvement processes. This ensures that all services are user centred, accessible, secure, and deliver value for money.
Roles and Responsibilities
Describe and list the responsibilities assigned to specific roles, teams or governance bodies to ensure the effective implementation, oversight and management of the policy.
| Role | Responsibilities |
|---|---|
| Service Owners | Accountable for ensuring that services under their ownership comply with the Service Standards and engage with service assessments where required |
| Service and Delivery Teams | Responsible for applying the principles of the Service Standard throughout the service lifecycle, maintaining appropriate evidence, and addressing risks or gaps identified through assurance or assessment activity |
| Service Standards / Assurance Teams | Responsible for providing guidance, facilitating service assessments, reviewing evidence, and supporting teams to meet required standards in a proportionate and risk-based way |
| Governance and Portfolio Functions | Responsible for ensuring that compliance with service standards and assessments is embedded within organisational decision making, assurance, and investment processes |
Policy Reviewers
The Service Standards Team will be responsible for reviewing the content of this policy annually, and any ad hoc reviews, to ensure it remains accurate and fit for purpose. The policy owner, Head of Digital Compliance, will approve amendments.
Digital Standards Team
The Digital Standards Team is responsible for managing this template. Direct any requests for changes to the policy template to DigitalStandards@justice.gov.uk
Monitoring and Compliance
Compliance with this policy will be monitored through service assessments, assurance activities, and ongoing engagement between service teams and assurance functions throughout the service life cycle.
Progression between delivery phases may be contingent on meeting the required standard or agreeing proportionate actions to manage identified risks. Non-compliance may be escalated through appropriate governance routes.
Exceptions
Any deviations from this policy must be formally approved by the Senior Responsible Owner (SRO). Applications to deviate from the policy must be documented and subject to risk assessment.
Breach of Policy
Policy must be adhered to, and any breaches may result in steps being taken under the MoJ Performance Management Policy.
Failure to comply with this policy may result in delayed progression between delivery phases, additional assurance activity, or escalation to senior governance forums. In cases of significant or ongoing non-compliance, services may be required to pause delivery, implement remedial actions, or seek formal approval to continue with accepted risks. Breaches will be handled in line with organisational governance, risk management, and supplier management processes.
Related Policies and Guidance
The following policies, standards, frameworks, processes, procedures and guidance support this policy, which should be read alongside — and does not replace — other relevant organisational and cross government policies and standards, including but not limited to:
- Service Standard
- Service Standards Guidance
- Accessibility policy – link to be added
- Accessibility guidance
- Public Sector Bodies (Websites and Mobile Applications) Accessibility Regulations 2018
- Web Content Accessibility Guidance (WCAG)
- Data Protection and DPIA guidance, ensuring compliance with UK GDPR and data protection obligations
- Technology Code of Practice (TCOP)
- Functional Standards, including relevant Government Functional Standards (for example, Digital; Commercial; Project Delivery)
- Secure by Design
- Secure by Design guidance
- Security policies and guidance including cyber security, information assurance, and risk management requirements
Service teams are responsible for ensuring alignment across all applicable policies and standards.
Review and Update
This policy must be reviewed on an annual basis, or sooner where there are significant changes to the GDS Service Standard, organisational strategy, or assurance approach. Reviews must be conducted by the policy reviewers, defined in roles and responsibilities, and approved by the Policy Owner prior to being communicated to relevant stakeholders to ensure continued awareness and compliance.