SATRE 2.0
SATRE 2.0
4.9 Data Protection
2.5 Information Security
2.8 Encryption
4.4 Financial Management
2.3 Capacity Management
5.2 Federation Researcher Accreditation
1.7 Public Involvement and Engagement
3.4 Information Search and Discovery
5.4 Federation Information Security
4.7 Relationship Management
SATRE Capability
2.2 Infrastructure Management
3.0 Data Management
1.5 Researcher Accreditation
3.2 Identity and Access Management
5.0 Federation Management
1.2 Quality Management
2.0 Computing Technology
4.2 Project and Programme Management
4.5 Procurement
4.9 Contract Management
1.6 Training Management and Delivery
2.6 Cyber Resilience
4.1 Business Continuity
1.4 Study Management
5.5 Federation Infrastructure Management
5.3 Federation Study Management
4.3 Knowledge Management
4.6 IT Service Management
5.1 Federation Governance
2.7 Vulnerability Management
2.4 Configuration Management
1.1 Information Governance
3.1 Data Lifecycle Management
2.9 Physical Security
3.3 Output Management
SATRE Pillar Capability
5.7 Federation Financial Management
5.6 Federation Data Management
1.3 Risk Management
2.1 End User Computing
4.8 Legal Services
Data
Data Items
User Documentation Data
Data Asset Register
Federation Project Register
Training Records
Study Register
Infrastructure Asset Data
User Identity Attributes
Encryption Keys
Research Data
Course Data
Federation Agreement Data
Training Records
Quality Management Data
Change and Configuration Data
Research Metadata
Federation Identities
Financial Data
Policy and Process Data
Activity Log Data
Roles
Public Member
Top Management
Developer
Public Engagement Specialist
Researchers / Data Consumers
Information Asset Owner
Study Manager
Data Steward
TRE Builder / Developer
Output Checker
Auditor
Data Analyst
Information Governance
Quality Manager
Information Security
Federation Operator
Processes
Identity Verification Process
Security Testing
Supplier Management and Monitoring process
Statistical Disclosure Control
Study Onboarding Process
Billing Process
Infrastructure Removal Process
Certification Management Process
Infrastructure Deployment Process
Resource Allocation Process
Response process
Curriculum Creation and Management
Security Patching
SATRE Business Process
Resilience process
Availability Management Process
Output Checking
Risk Assessment Process
Data Classification
Issue Management Process
Encryption Process
User Onboarding Process
Threat Modelling Process
Document & SOP Management Process
Data Archiving
Compliance Checking Process
Capacity Planning Process
Permission Assignment Process
Vulnerability Scanning
Data Minimisation
Asset Management Process
Change Process
Control Process
Risk Treatment Process
Public Involvement and Engagement Process
Requirements Gathering and Monitoring Process
Quality Management Reporting
Data Deletion
Federation Member Onboarding
Study Closure Process
Data Ingress
Risk Ownership Process
Recovery
Application Deployment Process
Configuration Management Process
Data Egress
Internal Audit Process
Authentication Process
DARE Federation Elements
Federated Identity Mapping Process
Trust Services
Registry Service
Management Services
Monitoring Services
Applications
Metadata Search and Discovery Application
Code Submission Interface
Key Management Application
Data Transfer Application
Command Line Interface
Electronic Quality Management System Application
Access Management Application
Federation Information Management System
Code Version Control Application
Desktop
Vulnerability Management Application
Study Management Portal
Intrusion Detection Application
Output Classification Tool
Network Management Application
Artifact Management Application
Learning Management System
Authentication Application
End user software tools
Automated Output Checking Application
SATRE Application Component
SATRE Application Service
Advanced or Cluster Computing Technology Service
Principles
SATRE Principles
Principle 1 - Usability
Principle 3 - Observability
Principle 2 - Maintain Public Trust
Principle 4 - Standardisation
SATRE Specification
3. Data Management
3.1.12 - Prevent Unauthorized Data Transfers
3.1.10 - Provide Proof of Deletion
3.1.13 - Minimize Stored Data
3.2.01 - Restrict Shared User Accounts
3.1.04 - Enforce Data Ingress Governance
3.1.19 - Offer Security Control Tiers
3.2.04 - Enforce Multi-Factor Authentication
3.1.11 - Log Data Modifications
3.2.02 - Verify User Identity
3.3.07 - Automate Output Checking
3.2.06 - Restrict Access by Location
3.1.08 - Maintain Data Inventory
3.3.03 - Implement Disclosure Control
3.1.01 - Assess Legal & Regulatory Risks
3.1.06 - Limit Egress Access
3.1.02 - Maintain Data Handling Records
3.3.02 - Define Project Outputs Early
3.1.14 - Ensure Archived Data is Read-Only
3.1.09 - Establish Data Deletion Policy
3.1.18 - Support Configurable Security Controls
3.1.03 - Classify Data Sets
3.3.05 - Handle Disclosure Risks
3.2.03 - Limit User Data Access
3.4.03 - Create Data Query Interface
3.4.02 - Standardize Metadata Models
3.3.01 - Classify Research Outputs
3.1.15 - Maintain Simple Archive Formats
3.3.08 - Minimize Research Outputs
3.2.05 - Support Federated Authentication
3.1.07 - Independent Egress Approval
3.1.17. - Define TRE Data Categories
3.1.16 - Plan for managing AI Models
3.4.04 - Enable Abstracted Data Access
3.3.06 - Apply Statistical Disclosure Methods
3.1.20 - Check Metadata for Disclosure Risk
3.3.04 - Assign Output Checking Responsibility
3.4.01 - Provide Metadata Catalogue
3.1.05 - Enforce Data Egress Governance
5. Federation
5.1.07 - Agree Consistent Risk Approach
5.1.09 - Standardise Federation Access Requests
5.1.04 - Share Incident & Quality Data Across Federation
5.5.01 - Maintain Federation Configuration Information
5.4.04 - Share Security Logs Across Federation
5.4.02 - Test Shared Incident Response Process
5.2.01 - Agree Federation Competency Requirements
5.3.01 - Maintain Safe Projects Register
5.1.02 - Define Federation Roles & Responsibilities
5.1.05 - Manage Federation Rules Lifecycle
5.3.02 - Agree Safe Federated Project Standards
5.6.01 - Agree Federation Output Management
5.1.10 - Ensure Public Representation Across Federation
5.4.03 - Support Federated Identities
5.1.03 - Agree Shared TRE Rules & Compliance
5.1.08 - Agree Standard Terminology & Glossary
5.7.01 - Agree Federation Pricing Framework
5.1.06 - Define TRE Join & Leave Processes
5.4.01 - Agree Federation Encryption & Key Standards
5.6.02 - Provide Federation Metadata Catalogue
5.1.01 - Define Federation Scope & Governance
1. Information Governance Pillar
1.5.03 - Manage Access with Identity Services
1.5.02 - Establish Onboarding Processes
1.7.02 - Publish TRE Operations & Data Info
1.4.05 - Implement Workflow Automation Portal
1.3.01 - Score Risk Severity
1.6.08 - Ensure Course Standardisation
1.3.02 - Conduct Data Processing Assessment
1.6.09 - Archive Historical Course Copies
1.2.04 - Conduct Audits
1.2.12. - Utilise Quality Management Systems
1.7.03 - Include Public in TRE Oversight
1.2.09 - Log & Resolve Process Deviations, Incidents ect
1.5.05 - Secure User & Service Authentication
1.2.02 - Use Versioning & Change Control
1.6.07 - Use Learning Management System (LMS)
1.4.02 - Maintain Time-Limited Compliance
1.1.03 - Allocate Adequate Resources
1.3.04 - Define Risk Roles & Escalation
1.1.02 - Implement Compliance Controls
1.1.01 - Monitor Governance Requirements
1.2.08 - Manage Physical Assets
1.4.01 - Ensure Legal & Ethical Compliance
1.7.01 - Ensure Inclusive Public Engagement
1.6.06 - Implement Online Training Platform
1.6.03 - Update Training for Competency Changes
1.6.05 - Accept Third-Party Training Certifications
1.4.06 - Record Research Studies & Projects
1.2.01 - Restrict Policy Changes
1.4.03 - Adapt to Regulatory Changes
1.7.04 - Disclose Incidents & Mitigations
1.2.06 - Enforce Supplier Security Standards
1.3.05 - Understand Organisational Risk Appetite
1.2.07 - Monitor Supplier Compliance
1.2.11. - Collect Quality Management Data
1.6.01 - Determine Role-Based Training Requirements
1.5.04 - Access Approval via Data Controller
1.4.08 - Provide Public Data for Public Benefit
1.4.04 - Standardise Project Closure
1.3.03 - Design & Record Risk Mitigations
1.2.03 - Measure Governance Performance
1.2.05 - Report Audit Outcomes
1.5.06 - Assign Unique User Logins
1.2.10. - Use Issues for Process Improvement
1.6.04 - Maintain Accurate Training Records
1.5.01 - Verify People in the TRE Org
1.6.02 - Provide Role-Based Training
2. Computing Technology
2.1.14 - Maintain User & Data Segregation
2.3.02 - Validate Project Resource Availability
2.1.03 - Restrict Direct Data Access
2.2.03 - Document Infrastructure Change Process
2.4.03 - Verify Configuration Validity
2.2.10 - Restrict Project Connectivity
2.1.08 - Control Shared Services Access
2.4.05 - Replace Non-Compliant TRE Systems
2.4.02 - Automate Configuration Management
2.1.09 - Mitigate Risks from Telemetry-Based Software
2.7.04 - Conduct Penetration Testing
2.1.06 - Apply Automatic Security Updates
2.2.01 - Document Infrastructure Deployment
2.6.02 - Implement Infrastructure Redundancy
2.4.01 - Document Infrastructure Configuration
2.7.02 - Apply Security Updates Consistently
2.2.09 - Control & Manage Network Infrastructure
2.1.18 - Integrate Large-Scale Analytics Tools
2.3.03 - Allocate Resources Among Projects
2.7.05 - Update Security Controls Based on Tests
2.2.13 - Record Usage Data
2.2.02 - Automate Repeatable Deployment Tasks
2.8.04 - Use Secure Encryption Standards
2.5.01 - Comply with Regulatory Requirements
2.7.03 - Enable Automated Patching
2.3.04 - Prevent Overspending
2.2.05 - Use Mirrored Development Environment
2.1.12 - Allow Access to Software Repositories
2.1.17 - Support Databases
2.2.06 - Document Infrastructure Decommissioning
2.1.01 - Restrict Data Copying via Clipboard
2.5.02 - Use Threat Modelling
2.8.05 - Implement Secure Key Management
2.8.01 - Encrypt Data at Rest
2.6.01 - Maintain Backups of Data & Environments
2.1.16 - Enable GPU Access
2.8.02 - Encrypt Data in Transit (External)
2.2.14 - Track Dataset Access
2.9.01 - Physical Security Measures
2.1.15 - Provide Scalable Compute Access
2.2.15 - Monitor Computational Resource Usage
2.8.03 - Encrypt Data in Transit (Internal)
2.6.05 - Test Incident Response Plans
2.6.03 - Backup Infrastructure & Configurations
2.2.07 - Understand Provider Availability Guarantees
2.3.01 - Clarify Project Resources & Costs
2.1.05 - Provide Software Usage Guidance
2.1.10 - Provide Relevant Software Applications
2.7.06 - Publish Security Testing Strategy & Results
2.2.11 - Block Outbound Internet Access
2.2.12 - Enable Network Monitoring
2.1.11 - Support Best-Practice in Reproducible Research
2.1.04 - Ensure Accessible TRE Interface
2.1.07 - Offer Shared Project Services
2.7.01 - Scan for Infrastructure Vulnerabilities
2.6.04 - Establish Rapid Incident Response
2.4.04 - Conduct Regular Configuration Audits
2.2.08 - Define & Share Availability Targets
2.2.04 - Test Before Production Use
2.1.13 - Control Available Software Packages
2.1.02 - Create Familiar Workspace Environment
4. Supporting
4.2.02 - Restrict Project Manager Access
4.3.03 - Conduct Training Needs Analysis
4.8.01 - Ensure Legal Advice Availability
4.1.01 - Develop Business Continuity Plan
4.3.02 - Offer TRE Education Programme
4.4.03 - Maintain Financial Sustainability
4.3.01 - Document TRE Implementation
4.6.01 - Maintain TRE Operator Team
4.8.03 - Assign TRE Contract Management
4.1.02 - Test Continuity Plan Regularly
4.8.02 - Secure Data Protection Guidance
4.2.01 - Assign Project Managers
4.4.02 - Track Project Costs
4.5.01 - Plan for Essential Goods & Services
4.7.01 - Establish Stakeholder Feedback Process
4.4.04 - Minimize Infrastructure Costs
4.4.01 - Ensure Projects Understand Costs
Constraints and controls
Drivers
Safe Provision of Trusted Research Environments
SATRE Principles
Computing Technology Requirements
Operational Requirements
Improvement Requirements
Support Requirements
Compute Resources
Planning Requirements
SATRE Pillar Requirement
Performance Requirements
Researcher Requirements
Leadership Requirements
Data Management Requirements
Organisational Requirements
SATRE Specification Requirement
Information Governance Requirements
Stakeholders
2.4 Configuration Management - Specification Req
Cyber Resiliance Processes
4.3 Knowledge Management - Specification Req
Training Management and Delivery Process
Output Management Application
Encryption Processes
Study Management Actors and Roles
2.2 Infrastructure Management - Specification Req
Study Management Applications
4.4 Financial Management - Specification Req
4. Supporting Capabilities
Output Management Role
SATRE Spec 1.4
Member Accreditation Actors and Roles
Computing Technology Actors and Roles
Identity and Access Management Processes
End User Computing Interface Applications
4.2 Project and programme management - Specification Req
Information Search and Discovery Roles
Data Management Roles
3.4 Information Search and Discovery - Specification Req
2.3 Capacity Management - Specification Req
2.7 Vulnerability Management Req
Quality Management Data
Advanced or Cluster Computing Group
Info Gov Actors and Roles
Identity and Access Management Applications
End User Computing Applications
SATRE Spec 1.3
Infrastructure Management Roles
2.1 End User Computing - Specification Req
End User Computing Data
Data Lifecycle Management Processes
Federation Req
4.7 Relationship Management Req
Encryption Data
Encryption Application
Capacity Management Processes
Quality Management Processes
2.5 and 2.9 - Information Security and physical security - Specification Req
3.2 Identity and Access Management - Specification Req
Configuration Management Data
Member Accreditation Applications
Data Lifecycle Management Roles
Member Accreditation Processes
4.1 Business Continuity Management - Specification Req
End User Computing Processes
2.8 Encryption Req
Infrastructure Lifecycle Management Processes
Training Management and Delivery Applications
4.6 IT Service Management - Specification Req
Vulnerability Management Processes
1.7 PIE - Specification Req
Infrastructure Management Applications
Member Accreditation Data
Data Lifecycle Management Data
1.2 Quality Management - Specification Req
Quality Management Applications
Output Management Processes
SATRE Spec 1.1
Capacity Management Data
Info Gov - Business Processes
3.1 Data Lifecycle Management - Specification Req
Information Search and Discovery Applications
Risk Management Actors and Roles
4.5 Procurement - Specification Req
1.5 Researcher Accreditation - Specification Req
3.3 Output Management - Specification Req
Information Search and Discovery Data
Quality Management Roles and Actors
SATRE Core Elements
1.6 Training Management and Delivery - Specification Req
Identity and Access Management Roles
Study Management Processes
Configuration Management Actors
4.9 Legal Services - Specification Req
Configuration Management Processes
Risk Management Processes
Vulnerability Management Application
Training Management and Delivery Data
2.6 Cyber Resilience Req
End User Computing Actors
Information Security Roles
Data Lifecycle Management Applications
Federation Foundation Services and Roles
Info Gov - Data
Study Management Data
(Study Management Processes - Study Onboarding Process)
(Study Management Processes - Study Closure Process)
(Study Management Actors and Roles - Study Manager)
(Study Management Data - Data Asset Register)
(Study Management Processes - Compliance Checking Process)
(Study Management Data - Study Register)
(Study Management Applications - Study Management Portal)
(Study Management Actors and Roles - Information Asset Owner)
(4.1 Business Continuity - 4.1 Business Continuity Management - Specification Req)
(SATRE Capability - SATRE Specification Requirement)
(Federation Foundation Services and Roles - 1.5 Researcher Accreditation)
(3.2 Identity and Access Management - 3.2 Identity and Access Management - Specification Req)
(3.1 Data Lifecycle Management - 3.1 Data Lifecycle Management - Specification Req)
(4.8 Legal Services - 4.9 Legal Services - Specification Req)
(3.3 Output Management - 3.3 Output Management - Specification Req)
(4.4 Financial Management - 4.4 Financial Management - Specification Req)
(2.8 Encryption Req - 2.8 Encryption)
(SATRE Spec 1.1 - 1.1 Information Governance)
(4.7 Relationship Management - 4.7 Relationship Management Req)
(1.7 Public Involvement and Engagement - 1.7 PIE - Specification Req)
(Drivers - Stakeholders)
Defines (Computing Technology Actors and Roles - Computing Technology Requirements)
(2.7 Vulnerability Management Req - 2.7 Vulnerability Management)
(2.6 Cyber Resilience Req - 2.6 Cyber Resilience)
(4.2 Project and Programme Management - 4.2 Project and programme management - Specification Req)
(2.4 Configuration Management - Specification Req - 2.4 Configuration Management)
(Data Management Requirements - Data Management Roles)
(Safe Provision of Trusted Research Environments - Drivers)
(2.3 Capacity Management - Specification Req - 2.3 Capacity Management)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.5 Information Security)
(2.1 End User Computing - Specification Req - 2.1 End User Computing)
(1.2 Quality Management - Specification Req - 1.2 Quality Management)
(SATRE Pillar Requirement - Constraints and controls)
Defines (Top Management - Information Governance Requirements)
(3.4 Information Search and Discovery - 3.4 Information Search and Discovery - Specification Req)
(Federation Req - 5.0 Federation Management)
(2.2 Infrastructure Management - Specification Req - 2.2 Infrastructure Management)
(1.5 Researcher Accreditation - Specification Req - 1.5 Researcher Accreditation)
(1.6 Training Management and Delivery - Specification Req - 1.6 Training Management and Delivery)
(SATRE Spec 1.4 - 1.4 Study Management)
(SATRE Spec 1.3 - 1.3 Risk Management)
(1.1 Information Governance - SATRE Spec 1.1)
(4.3 Knowledge Management - 4.3 Knowledge Management - Specification Req)
(1.6 Training Management and Delivery - 1.6 Training Management and Delivery - Specification Req)
(4.6 IT Service Management - 4.6 IT Service Management - Specification Req)
(4.5 Procurement - 4.5 Procurement - Specification Req)
(Info Gov - Data - Quality Management Data)
(Capacity Management Processes - Billing Process)
(Encryption Data - Encryption Keys)
(4.6 IT Service Management - Specification Req - 4.5.01 - Plan for Essential Goods & Services)
(Encryption Application - Key Management Application)
(2.1 End User Computing - Specification Req - 2.1.11 - Support Best-Practice in Reproducible Research)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.6.04 - Establish Rapid Incident Response)
(Federation Req - 5.3.01 - Maintain Safe Projects Register)
(Information Search and Discovery Roles - Researchers / Data Consumers)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.8.01 - Encrypt Data at Rest)
(2.2 Infrastructure Management - Specification Req - 2.2.14 - Track Dataset Access)
(3.3 Output Management - Specification Req - 3.3.03 - Implement Disclosure Control)
(2.5 Information Security - 2.6 Cyber Resilience)
(3.1 Data Lifecycle Management - Specification Req - 3.1.16 - Plan for managing AI Models)
(Data Lifecycle Management Processes - Data Archiving)
(2.1 End User Computing - Specification Req - 2.1.08 - Control Shared Services Access)
(3.2 Identity and Access Management - Specification Req - 3.2.03 - Limit User Data Access)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.5.02 - Use Threat Modelling)
(2.6 Cyber Resilience Req - 2.6.03 - Backup Infrastructure & Configurations)
(2.7 Vulnerability Management - Vulnerability Management Application)
(3.1 Data Lifecycle Management - Specification Req - 3.1.13 - Minimize Stored Data)
(3.2 Identity and Access Management - Specification Req - 3.2.05 - Support Federated Authentication)
(4.3 Knowledge Management - Specification Req - 4.3.01 - Document TRE Implementation)
(Data Lifecycle Management Data - Research Metadata)
(3.4 Information Search and Discovery - Specification Req - 3.4.03 - Create Data Query Interface)
(Computing Technology Actors and Roles - Researchers / Data Consumers)
(Training Management and Delivery Data - Course Data)
(4. Supporting Capabilities - 4.3 Knowledge Management)
(Data Lifecycle Management Data - Research Data)
(Infrastructure Lifecycle Management Processes - Change Process)
(Data Lifecycle Management Data - Data Asset Register)
(End User Computing Data - User Documentation Data)
(Quality Management Processes - Quality Management Reporting)
(3.3 Output Management - Specification Req - 3.3.08 - Minimize Research Outputs)
(End User Computing Processes - Application Deployment Process)
(Configuration Management Processes - Change Process)
(2.1 End User Computing - Specification Req - 2.1.06 - Apply Automatic Security Updates)
(Configuration Management Data - Change and Configuration Data)
(Quality Management Processes - Issue Management Process)
(SATRE Spec 1.4 - 1.4.05 - Implement Workflow Automation Portal)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.03 - Enable Automated Patching)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.6.03 - Backup Infrastructure & Configurations)
(2.2 Infrastructure Management - Specification Req - 2.2.15 - Monitor Computational Resource Usage)
(2.1 End User Computing - Specification Req - 2.1.05 - Provide Software Usage Guidance)
(Quality Management Data - Quality Management Data)
(2.1 End User Computing - Specification Req - 2.1.18 - Integrate Large-Scale Analytics Tools)
(5.0 Federation Management - 5.4 Federation Information Security)
(Federation Req - 5.1.08 - Agree Standard Terminology & Glossary)
(Identity and Access Management Processes - Authentication Process)
(Quality Management Applications - Electronic Quality Management System Application)
(Vulnerability Management Processes - Vulnerability Scanning)
(2.2 Infrastructure Management - Specification Req - 2.2.04 - Test Before Production Use)
(2.6 Cyber Resilience Req - 2.6.05 - Test Incident Response Plans)
(SATRE Spec 1.4 - 1.4.04 - Standardise Project Closure)
(1.5 Researcher Accreditation - Specification Req - 1.5.06 - Assign Unique User Logins)
(2.8 Encryption - Encryption Data)
(1.7 PIE - Specification Req - 1.7.04 - Disclose Incidents & Mitigations)
(2.8 Encryption - Encryption Application)
(End User Computing Interface Applications - Command Line Interface)
(Quality Management Data - Change and Configuration Data)
(Federation Req - 5.1.10 - Ensure Public Representation Across Federation)
(Information Governance Requirements - Organisational Requirements)
(1.6 Training Management and Delivery - Specification Req - 1.6.06 - Implement Online Training Platform)
(1.6 Training Management and Delivery - Specification Req - 1.6.09 - Archive Historical Course Copies)
(Data Lifecycle Management Applications - Data Transfer Application)
(2.0 Computing Technology - 2.5 Information Security)
(Information Governance Requirements - Performance Requirements)
(1.2 Quality Management - Specification Req - 1.2.06 - Enforce Supplier Security Standards)
(SATRE Spec 1.4 - 1.4.06 - Record Research Studies & Projects)
(Information Search and Discovery Applications - Metadata Search and Discovery Application)
(3.3 Output Management - Specification Req - 3.3.05 - Handle Disclosure Risks)
(1.1 Information Governance - 1.2 Quality Management)
(3.1 Data Lifecycle Management - Specification Req - 3.1.17. - Define TRE Data Categories)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.9.01 - Physical Security Measures)
(3.3 Output Management - Specification Req - 3.3.07 - Automate Output Checking)
(3.3 Output Management - Specification Req - 3.3.01 - Classify Research Outputs)
(Computing Technology Actors and Roles - Top Management)
(End User Computing Applications - Code Version Control Application)
(End User Computing Applications - Artifact Management Application)
(1.2 Quality Management - Specification Req - 1.2.05 - Report Audit Outcomes)
(SATRE Spec 1.3 - 1.3.04 - Define Risk Roles & Escalation)
(Federation Foundation Services and Roles - Management Services)
(1.6 Training Management and Delivery - Specification Req - 1.6.04 - Maintain Accurate Training Records)
(4.9 Legal Services - Specification Req - 4.8.01 - Ensure Legal Advice Availability)
(Quality Management Roles and Actors - Quality Manager)
(2.7 Vulnerability Management Req - 2.7.01 - Scan for Infrastructure Vulnerabilities)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.8.02 - Encrypt Data in Transit (External))
(2.1 End User Computing - Specification Req - 2.1.01 - Restrict Data Copying via Clipboard)
(3.1 Data Lifecycle Management - Specification Req - 3.1.09 - Establish Data Deletion Policy)
(2.1 End User Computing - Specification Req - 2.1.07 - Offer Shared Project Services)
(Info Gov Actors and Roles - Top Management)
(Information Governance Requirements - Planning Requirements)
(SATRE Pillar Capability - SATRE Capability)
(3.1 Data Lifecycle Management - Specification Req - 3.1.18 - Support Configurable Security Controls)
(Data Management Roles - Information Governance)
(Federation Req - 5.7.01 - Agree Federation Pricing Framework)
(Encryption Processes - Encryption Process)
(4.4 Financial Management - Specification Req - 4.4.04 - Minimize Infrastructure Costs)
(2.1 End User Computing - Specification Req - 2.1.17 - Support Databases)
(Identity and Access Management Applications - Access Management Application)
(Federation Req - 5.3.02 - Agree Safe Federated Project Standards)
(1.6 Training Management and Delivery - Specification Req - 1.6.02 - Provide Role-Based Training)
(Federation Req - 5.4.03 - Support Federated Identities)
(3.1 Data Lifecycle Management - Specification Req - 3.1.07 - Independent Egress Approval)
(Capacity Management Data - Financial Data)
(2.2 Infrastructure Management - 2.3 Capacity Management)
(Federation Req - 5.1.02 - Define Federation Roles & Responsibilities)
(Federation Req - 5.1.01 - Define Federation Scope & Governance)
(2.2 Infrastructure Management - Specification Req - 2.2.02 - Automate Repeatable Deployment Tasks)
(Risk Management Processes - Risk Treatment Process)
(1.6 Training Management and Delivery - Specification Req - 1.6.03 - Update Training for Competency Changes)
(Data Lifecycle Management Processes - Data Deletion)
(Quality Management Processes - Supplier Management and Monitoring process)
(Federation Foundation Services and Roles - Federated Identity Mapping Process)
(Output Management Processes - Statistical Disclosure Control)
(Federation Foundation Services and Roles - Registry Service)
(2.4 Configuration Management - Specification Req - 2.4.04 - Conduct Regular Configuration Audits)
(Information Governance Requirements - Operational Requirements)
(3.4 Information Search and Discovery - Specification Req - 3.4.04 - Enable Abstracted Data Access)
(2.3 Capacity Management - Specification Req - 2.3.04 - Prevent Overspending)
(SATRE Spec 1.4 - 1.4.03 - Adapt to Regulatory Changes)
(3.1 Data Lifecycle Management - Specification Req - 3.1.14 - Ensure Archived Data is Read-Only)
(2.2 Infrastructure Management - Specification Req - 2.2.05 - Use Mirrored Development Environment)
(2.2 Infrastructure Management - Specification Req - 2.2.10 - Restrict Project Connectivity)
(Info Gov - Business Processes - Requirements Gathering and Monitoring Process)
(Info Gov - Business Processes - Resource Allocation Process)
(1.1 Information Governance - 1.7 Public Involvement and Engagement)
(Data Management Roles - Information Asset Owner)
(1.5 Researcher Accreditation - Specification Req - 1.5.02 - Establish Onboarding Processes)
(2.1 End User Computing - Specification Req - 2.1.03 - Restrict Direct Data Access)
(Data Lifecycle Management Processes - Data Classification)
(4.3 Knowledge Management - Specification Req - 4.3.03 - Conduct Training Needs Analysis)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.8.05 - Implement Secure Key Management)
(Federation Req - 5.4.01 - Agree Federation Encryption & Key Standards)
(1.6 Training Management and Delivery - Specification Req - 1.6.01 - Determine Role-Based Training Requirements)
(1.2 Quality Management - Specification Req - 1.2.12. - Utilise Quality Management Systems)
(Federation Req - 5.1.04 - Share Incident & Quality Data Across Federation)
(Data Lifecycle Management Roles - Information Asset Owner)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.5.01 - Comply with Regulatory Requirements)
(Infrastructure Lifecycle Management Processes - Infrastructure Deployment Process)
(Federation Foundation Services and Roles - Trust Services)
(Information Search and Discovery Data - Research Metadata)
(1.5 Researcher Accreditation - Specification Req - 1.5.05 - Secure User & Service Authentication)
(4.4 Financial Management - Specification Req - 4.4.01 - Ensure Projects Understand Costs)
(SATRE Spec 1.4 - 1.4.02 - Maintain Time-Limited Compliance)
(2.2 Infrastructure Management - 2.4 Configuration Management)
(SATRE Spec 1.3 - 1.3.02 - Conduct Data Processing Assessment)
(Federation Req - 5.4.04 - Share Security Logs Across Federation)
(Cyber Resiliance Processes - Resilience process)
(1.1 Information Governance - 1.5 Researcher Accreditation)
(Risk Management Actors and Roles - Top Management)
(2.6 Cyber Resilience Req - 2.6.02 - Implement Infrastructure Redundancy)
(2.2 Infrastructure Management - Specification Req - 2.2.13 - Record Usage Data)
(1.2 Quality Management - Specification Req - 1.2.10. - Use Issues for Process Improvement)
(2.2 Infrastructure Management - Infrastructure Lifecycle Management Processes)
(2.4 Configuration Management - Specification Req - 2.4.01 - Document Infrastructure Configuration)
(2.2 Infrastructure Management - Specification Req - 2.2.12 - Enable Network Monitoring)
(1.5 Researcher Accreditation - Specification Req - 1.5.04 - Access Approval via Data Controller)
(5.0 Federation Management - 5.1 Federation Governance)
(5.0 Federation Management - 5.7 Federation Financial Management)
(Infrastructure Lifecycle Management Processes - Availability Management Process)
(4. Supporting Capabilities - 4.8 Legal Services)
(3.1 Data Lifecycle Management - Specification Req - 3.1.01 - Assess Legal & Regulatory Risks)
(Capacity Management Processes - Capacity Planning Process)
(Data Management Requirements - Researcher Requirements)
(Member Accreditation Applications - Access Management Application)
(Computing Technology Requirements - Researcher Requirements)
(Federation Req - 5.1.05 - Manage Federation Rules Lifecycle)
(Information Security Roles - Information Governance)
(1.5 Researcher Accreditation - Specification Req - 1.5.01 - Verify People in the TRE Org)
(2.1 End User Computing - Specification Req - 2.1.16 - Enable GPU Access)
(3.1 Data Lifecycle Management - Specification Req - 3.1.11 - Log Data Modifications)
(End User Computing Actors - Researchers / Data Consumers)
(3.1 Data Lifecycle Management - Specification Req - 3.1.06 - Limit Egress Access)
(Data Management Roles - Researchers / Data Consumers)
(2.2 Infrastructure Management - Specification Req - 2.2.09 - Control & Manage Network Infrastructure)
(2.7 Vulnerability Management Req - 2.7.04 - Conduct Penetration Testing)
(2.6 Cyber Resilience Req - 2.6.04 - Establish Rapid Incident Response)
(Member Accreditation Processes - User Onboarding Process)
(Configuration Management Data - Infrastructure Asset Data)
(2.1 End User Computing - End User Computing Actors)
(3.4 Information Search and Discovery - Specification Req - 3.4.01 - Provide Metadata Catalogue)
(2.8 Encryption Req - 2.8.03 - Encrypt Data in Transit (Internal))
(4.9 Legal Services - Specification Req - 4.8.02 - Secure Data Protection Guidance)
(Member Accreditation Processes - Identity Verification Process)
(4. Supporting Capabilities - 4.5 Procurement)
(4.2 Project and programme management - Specification Req - 4.2.02 - Restrict Project Manager Access)
(4. Supporting Capabilities - 4.2 Project and Programme Management)
(Info Gov Actors and Roles - Information Governance)
(3.1 Data Lifecycle Management - Specification Req - 3.1.05 - Enforce Data Egress Governance)
(Quality Management Processes - Change Process)
(1.6 Training Management and Delivery - Specification Req - 1.6.08 - Ensure Course Standardisation)
(SATRE Spec 1.3 - 1.3.05 - Understand Organisational Risk Appetite)
(5.0 Federation Management - 5.3 Federation Study Management)
(Data Lifecycle Management Processes - Data Ingress)
(3.1 Data Lifecycle Management - Specification Req - 3.1.19 - Offer Security Control Tiers)
(Infrastructure Management Roles - Developer)
(SATRE Principles - Principle 4 - Standardisation)
(Data Lifecycle Management Roles - Output Checker)
(2.5 Information Security - 2.0 Computing Technology)
(Information Security Roles - Information Security)
(2.3 Capacity Management - Specification Req - 2.3.02 - Validate Project Resource Availability)
(Output Management Application - Automated Output Checking Application)
(2.1 End User Computing - End User Computing Interface Applications)
(2.8 Encryption Req - 2.8.01 - Encrypt Data at Rest)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.6.05 - Test Incident Response Plans)
(4.4 Financial Management - Specification Req - 4.4.02 - Track Project Costs)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.01 - Scan for Infrastructure Vulnerabilities)
(3.1 Data Lifecycle Management - Specification Req - 3.1.20 - Check Metadata for Disclosure Risk)
(Info Gov - Data - Policy and Process Data)
(Vulnerability Management Application - Vulnerability Management Application)
(2.1 End User Computing - Specification Req - 2.1.14 - Maintain User & Data Segregation)
(2.7 Vulnerability Management Req - 2.7.03 - Enable Automated Patching)
(4. Supporting Capabilities - 4.4 Financial Management)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.02 - Apply Security Updates Consistently)
(2.7 Vulnerability Management Req - 2.7.05 - Update Security Controls Based on Tests)
(2.2 Infrastructure Management - Specification Req - 2.2.11 - Block Outbound Internet Access)
(1.5 Researcher Accreditation - Member Accreditation Applications)
(2.1 End User Computing - Specification Req - 2.1.02 - Create Familiar Workspace Environment)
(4. Supporting Capabilities - 4.7 Relationship Management)
(Federation Req - 5.1.09 - Standardise Federation Access Requests)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.8.04 - Use Secure Encryption Standards)
(4. Supporting Capabilities - 4.9 Contract Management)
(Federation Req - 5.6.01 - Agree Federation Output Management)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.05 - Update Security Controls Based on Tests)
(SATRE Principles - Principle 3 - Observability)
(2.5 Information Security - 2.8 Encryption)
(SATRE Spec 1.1 - 1.1.02 - Implement Compliance Controls)
(End User Computing Interface Applications - Desktop)
(4.1 Business Continuity Management - Specification Req - 4.1.02 - Test Continuity Plan Regularly)
(1.2 Quality Management - Specification Req - 1.2.02 - Use Versioning & Change Control)
(Member Accreditation Actors and Roles - Researchers / Data Consumers)
(2.7 Vulnerability Management Req - 2.7.02 - Apply Security Updates Consistently)
(Configuration Management Processes - Configuration Management Process)
(Info Gov - Business Processes - Control Process)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.6.01 - Maintain Backups of Data & Environments)
(Federation Req - 5.5.01 - Maintain Federation Configuration Information)
(2.8 Encryption Req - 2.8.04 - Use Secure Encryption Standards)
(3.1 Data Lifecycle Management - Specification Req - 3.1.08 - Maintain Data Inventory)
(Risk Management Actors and Roles - Information Asset Owner)
(3.4 Information Search and Discovery - Information Search and Discovery Data)
(3.1 Data Lifecycle Management - Specification Req - 3.1.02 - Maintain Data Handling Records)
(SATRE Core Elements - SATRE Business Process)
(Identity and Access Management Roles - Information Asset Owner)
(3.3 Output Management - Specification Req - 3.3.02 - Define Project Outputs Early)
(3.0 Data Management - 3.1 Data Lifecycle Management)
(1.1 Information Governance - 1.3 Risk Management)
(1.1 Information Governance - 1.4 Study Management)
(4.6 IT Service Management - Specification Req - 4.6.01 - Maintain TRE Operator Team)
(3.1 Data Lifecycle Management - Specification Req - 3.1.15 - Maintain Simple Archive Formats)
(3.1 Data Lifecycle Management - Specification Req - 3.1.03 - Classify Data Sets)
(4.7 Relationship Management Req - 4.7.01 - Establish Stakeholder Feedback Process)
(Federation Req - 5.1.06 - Define TRE Join & Leave Processes)
(2.3 Capacity Management - Specification Req - 2.3.01 - Clarify Project Resources & Costs)
(2.1 End User Computing - Specification Req - 2.1.13 - Control Available Software Packages)
(Federation Foundation Services and Roles - Federation Operator)
(1.2 Quality Management - Specification Req - 1.2.04 - Conduct Audits)
(Information Governance Requirements - Support Requirements)
(3.4 Information Search and Discovery - Specification Req - 3.4.02 - Standardize Metadata Models)
(End User Computing Interface Applications - Code Submission Interface)
(SATRE Spec 1.4 - 1.4.08 - Provide Public Data for Public Benefit)
(Data Management Requirements - Information Governance Requirements)
(2.1 End User Computing - Specification Req - 2.1.15 - Provide Scalable Compute Access)
(1.2 Quality Management - Specification Req - 1.2.11. - Collect Quality Management Data)
(3.1 Data Lifecycle Management - Specification Req - 3.1.12 - Prevent Unauthorized Data Transfers)
(Identity and Access Management Applications - Authentication Application)
(3.0 Data Management - 3.4 Information Search and Discovery)
(2.1 End User Computing - Specification Req - 2.1.04 - Ensure Accessible TRE Interface)
(Cyber Resiliance Processes - Response process)
(Quality Management Reporting - Internal Audit Process)
(Infrastructure Management Applications - Network Management Application)
(Quality Management Processes - Asset Management Process)
(Risk Management Actors and Roles - TRE Builder / Developer)
(Federation Foundation Services and Roles - Monitoring Services)
(Member Accreditation Actors and Roles - TRE Builder / Developer)
(2.2 Infrastructure Management - Specification Req - 2.2.07 - Understand Provider Availability Guarantees)
(1.6 Training Management and Delivery - Specification Req - 1.6.07 - Use Learning Management System (LMS))
(Risk Management Processes - Risk Assessment Process)
(3.1 Data Lifecycle Management - Specification Req - 3.1.04 - Enforce Data Ingress Governance)
(2.1 End User Computing - End User Computing Applications)
(2.3 Capacity Management - Specification Req - 2.3.03 - Allocate Resources Among Projects)
(Output Management Role - Output Checker)
(5.0 Federation Management - 5.6 Federation Data Management)
(2.2 Infrastructure Management - Specification Req - 2.2.06 - Document Infrastructure Decommissioning)
(2.7 Vulnerability Management Req - 2.7.06 - Publish Security Testing Strategy & Results)
(2.1 End User Computing - Specification Req - 2.1.10 - Provide Relevant Software Applications)
(2.8 Encryption Req - 2.8.02 - Encrypt Data in Transit (External))
(Cyber Resiliance Processes - Recovery)
(1.1 Information Governance - 1.6 Training Management and Delivery)
(Federation Req - 5.6.02 - Provide Federation Metadata Catalogue)
(Data Lifecycle Management Processes - Data Egress)
(Information Governance Requirements - Leadership Requirements)
(Output Management Processes - Output Checking)
(SATRE Spec 1.1 - 1.1.01 - Monitor Governance Requirements)
(Infrastructure Lifecycle Management Processes - Infrastructure Removal Process)
(5.0 Federation Management - 5.2 Federation Researcher Accreditation)
(2.5 Information Security - 2.9 Physical Security)
(1.7 PIE - Specification Req - 1.7.02 - Publish TRE Operations & Data Info)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.04 - Conduct Penetration Testing)
(4.2 Project and programme management - Specification Req - 4.2.01 - Assign Project Managers)
(4. Supporting Capabilities - 4.1 Business Continuity)
(Information Governance Requirements - Improvement Requirements)
(2.6 Cyber Resilience Req - 2.6.01 - Maintain Backups of Data & Environments)
(2.0 Computing Technology - 2.2 Infrastructure Management)
(Member Accreditation Data - User Identity Attributes)
(Member Accreditation Actors and Roles - Information Asset Owner)
(Quality Management Processes - Document & SOP Management Process)
(SATRE Spec 1.3 - 1.3.01 - Score Risk Severity)
(2.4 Configuration Management - Specification Req - 2.4.02 - Automate Configuration Management)
(Data Lifecycle Management Roles - Researchers / Data Consumers)
(4.1 Business Continuity Management - Specification Req - 4.1.01 - Develop Business Continuity Plan)
(3.2 Identity and Access Management - Specification Req - 3.2.01 - Restrict Shared User Accounts)
(1.2 Quality Management - Specification Req - 1.2.07 - Monitor Supplier Compliance)
(End User Computing Applications - End user software tools)
(1.7 PIE - Specification Req - 1.7.01 - Ensure Inclusive Public Engagement)
(4.9 Legal Services - Specification Req - 4.8.03 - Assign TRE Contract Management)
(4.3 Knowledge Management - Specification Req - 4.3.02 - Offer TRE Education Programme)
(Quality Management Data - Activity Log Data)
(Data Management Roles - Data Steward)
(Quality Management Roles and Actors - Auditor)
(Federation Req - 5.1.07 - Agree Consistent Risk Approach)
(2.4 Configuration Management - Specification Req - 2.4.03 - Verify Configuration Validity)
(Identity and Access Management Processes - Permission Assignment Process)
(Training Management and Delivery Process - Curriculum Creation and Management)
(5.0 Federation Management - 5.5 Federation Infrastructure Management)
(Output Management Processes - Data Egress)
(1.5 Researcher Accreditation - Specification Req - 1.5.03 - Manage Access with Identity Services)
(3.2 Identity and Access Management - Specification Req - 3.2.06 - Restrict Access by Location)
(3.2 Identity and Access Management - Specification Req - 3.2.02 - Verify User Identity)
(SATRE Spec 1.1 - 1.1.03 - Allocate Adequate Resources)
(SATRE Core Elements - SATRE Application Service)
(SATRE Spec 1.4 - 1.4.01 - Ensure Legal & Ethical Compliance)
(Training Management and Delivery Applications - Learning Management System)
(3.3 Output Management - Specification Req - 3.3.06 - Apply Statistical Disclosure Methods)
(3.3 Output Management - Specification Req - 3.3.04 - Assign Output Checking Responsibility)
(1.2 Quality Management - Specification Req - 1.2.01 - Restrict Policy Changes)
(Vulnerability Management Processes - Security Testing)
(2.2 Infrastructure Management - Specification Req - 2.2.08 - Define & Share Availability Targets)
(1.2 Quality Management - Specification Req - 1.2.09 - Log & Resolve Process Deviations, Incidents ect)
(Information Search and Discovery Roles - Data Analyst)
(Training Management and Delivery Process - Certification Management Process)
(1.2 Quality Management - Specification Req - 1.2.08 - Manage Physical Assets)
(2.2 Infrastructure Management - Specification Req - 2.2.01 - Document Infrastructure Deployment)
(SATRE Principles - Principle 1 - Usability)
(Federation Req - 5.4.02 - Test Shared Incident Response Process)
(Computing Technology Actors and Roles - TRE Builder / Developer)
(1.2 Quality Management - Specification Req - 1.2.03 - Measure Governance Performance)
(Training Management and Delivery Data - Training Records)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.7.06 - Publish Security Testing Strategy & Results)
(2.5 Information Security - Cyber Resiliance Processes)
(2.1 End User Computing - Specification Req - 2.1.12 - Allow Access to Software Repositories)
(Quality Management Data - Training Records)
(Risk Management Processes - Risk Ownership Process)
(3.2 Identity and Access Management - Specification Req - 3.2.04 - Enforce Multi-Factor Authentication)
(Computing Technology Requirements - Compute Resources)
(1.6 Training Management and Delivery - Specification Req - 1.6.05 - Accept Third-Party Training Certifications)
(2.5 Information Security - 2.7 Vulnerability Management)
(3.0 Data Management - 3.3 Output Management)
(2.2 Infrastructure Management - Specification Req - 2.2.03 - Document Infrastructure Change Process)
(Information Search and Discovery Roles - Data Steward)
(SATRE Spec 1.3 - 1.3.03 - Design & Record Risk Mitigations)
(4. Supporting Capabilities - 4.6 IT Service Management)
(Federation Req - 5.1.03 - Agree Shared TRE Rules & Compliance)
(Information Security Roles - TRE Builder / Developer)
(Data Lifecycle Management Roles - Data Steward)
(2.1 End User Computing - Specification Req - 2.1.09 - Mitigate Risks from Telemetry-Based Software)
(1.7 PIE - Specification Req - 1.7.03 - Include Public in TRE Oversight)
(Configuration Management Actors - TRE Builder / Developer)
(Vulnerability Management Processes - Security Patching)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.8.03 - Encrypt Data in Transit (Internal))
(Infrastructure Management Roles - TRE Builder / Developer)
(2.0 Computing Technology - 2.1 End User Computing)
(Data Lifecycle Management Processes - Data Minimisation)
(Federation Req - 5.2.01 - Agree Federation Competency Requirements)
(Advanced or Cluster Computing Group - Advanced or Cluster Computing Technology Service)
(SATRE Principles - Principle 2 - Maintain Public Trust)
(3.0 Data Management - 3.2 Identity and Access Management)
(2.4 Configuration Management - Specification Req - 2.4.05 - Replace Non-Compliant TRE Systems)
(3.1 Data Lifecycle Management - Specification Req - 3.1.10 - Provide Proof of Deletion)
(2.8 Encryption Req - 2.8.05 - Implement Secure Key Management)
(SATRE Core Elements - SATRE Application Component)
(Computing Technology Requirements - Information Governance Requirements)
(2.5 and 2.9 - Information Security and physical security - Specification Req - 2.6.02 - Implement Infrastructure Redundancy)
(4.4 Financial Management - Specification Req - 4.4.03 - Maintain Financial Sustainability)
(Study Management Processes - 1.4 Study Management)
(Member Accreditation Data - 1.5 Researcher Accreditation)
(Identity and Access Management Processes - 3.2 Identity and Access Management)
(Identity Verification Process - 1.5 Researcher Accreditation)
(Data Asset Register - 1.4 Study Management)
(Encryption Keys - 2.8 Encryption)
(Identity and Access Management Roles - 3.2 Identity and Access Management)
(Training Records - 1.6 Training Management and Delivery)
(Encryption Data - 2.8 Encryption)
(Public Member - 1.7 Public Involvement and Engagement)
(Configuration Management Process - 2.4 Configuration Management)
(Training Management and Delivery Data - 1.6 Training Management and Delivery)
(Public Engagement Specialist - 1.7 Public Involvement and Engagement)
(SATRE Specification Requirement - Safe Provision of Trusted Research Environments)
(3.3 Output Management - Output Management Role)
(Metadata Search and Discovery Application - 3.4 Information Search and Discovery)
(Security Testing - 2.7 Vulnerability Management)
(Advanced or Cluster Computing Group - 2.1 End User Computing)
(Recovery - 2.5 Information Security)
(Risk Management Actors and Roles - 1.3 Risk Management)
(Certification Management Process - 1.6 Training Management and Delivery)
(Data Ingress - 3.1 Data Lifecycle Management)
(Quality Management Reporting - 1.2 Quality Management)
(Vulnerability Management Application - 2.7 Vulnerability Management)
(Member Accreditation Processes - 1.5 Researcher Accreditation)
(Research Data - 3.1 Data Lifecycle Management)
(Study Management Data - 1.4 Study Management)
(Identity and Access Management Applications - 3.2 Identity and Access Management)
(Infrastructure Management Applications - 2.2 Infrastructure Management)
(Data Egress - 3.1 Data Lifecycle Management)
(Information Search and Discovery Applications - 3.4 Information Search and Discovery)
(Infrastructure Asset Data - 2.4 Configuration Management)
(Vulnerability Scanning - 2.7 Vulnerability Management)
(Command Line Interface - 2.1 End User Computing)
(Data Classification - 3.1 Data Lifecycle Management)
(Study Management Applications - 1.4 Study Management)
(SATRE Pillar Capability - SATRE Pillar Requirement)
(User Onboarding Process - 1.5 Researcher Accreditation)
(Risk Assessment Process - 1.3 Risk Management)
(Information Security Roles - 2.5 Information Security)
(SATRE Principles - Safe Provision of Trusted Research Environments)
(Advanced or Cluster Computing Technology Service - 2.1 End User Computing)
(Study Closure Process - 1.4 Study Management)
(Study Management Actors and Roles - 1.4 Study Management)
(Encryption Process - 2.8 Encryption)
(Requirements Gathering and Monitoring Process - 1.1 Information Governance)
(Quality Management Roles and Actors - 1.2 Quality Management)
(Billing Process - 2.3 Capacity Management)
(Risk Ownership Process - 1.3 Risk Management)
(Data Management Roles - 3.0 Data Management)
(Quality Management Data - 1.2 Quality Management)
(Artifact Management Application - 2.1 End User Computing)
(Configuration Management Actors - 2.4 Configuration Management)
(Network Management Application - 2.2 Infrastructure Management)
(Document & SOP Management Process - 1.2 Quality Management)
(Study Onboarding Process - 1.4 Study Management)
(Training Management and Delivery Applications - 1.6 Training Management and Delivery)
(Change and Configuration Data - 2.4 Configuration Management)
(Change Process - 1.2 Quality Management)
(SATRE Core Elements - SATRE Pillar Capability)
(Curriculum Creation and Management - 1.6 Training Management and Delivery)
(Vulnerability Management Processes - 2.7 Vulnerability Management)
(2.0 Computing Technology - Computing Technology Actors and Roles)
(Computing Technology Actors and Roles - 2.0 Computing Technology)
(Code Version Control Application - 2.1 End User Computing)
(Encryption Application - 2.8 Encryption)
(Electronic Quality Management System Application - 1.2 Quality Management)
(3.3 Output Management - Output Management Processes)
(Information Search and Discovery Roles - 3.4 Information Search and Discovery)
(Quality Management Data - 1.2 Quality Management)
(End user software tools - 2.1 End User Computing)
(Resource Allocation Process - 1.1 Information Governance)
(Configuration Management Data - 2.4 Configuration Management)
(Change Process - 2.4 Configuration Management)
(Infrastructure Management Roles - 2.2 Infrastructure Management)
(Training Management and Delivery Process - 1.6 Training Management and Delivery)
(Learning Management System - 1.6 Training Management and Delivery)
(Capacity Planning Process - 2.3 Capacity Management)
(Data Lifecycle Management Processes - 3.1 Data Lifecycle Management)
(Infrastructure Deployment Process - 2.2 Infrastructure Management)
(Encryption Processes - 2.8 Encryption)
(Federation Information Management System - 5.0 Federation Management)
(Application Deployment Process - 2.1 End User Computing)
(Availability Management Process - 2.2 Infrastructure Management)
(Activity Log Data - 1.2 Quality Management)
(User Documentation Data - 2.1 End User Computing)
(End User Computing Interface Applications - 2.1 End User Computing)
(Quality Management Processes - 1.2 Quality Management)
(Change and Configuration Data - Configuration Management Data)
(Access Management Application - 3.2 Identity and Access Management)
(Course Data - 1.6 Training Management and Delivery)
(Security Patching - 2.7 Vulnerability Management)
(Info Gov Actors and Roles - 1.1 Information Governance)
(End User Computing Applications - 2.1 End User Computing)
(Supplier Management and Monitoring process - 1.2 Quality Management)
(Quality Management Applications - 1.2 Quality Management)
(Vulnerability Management Application - 2.7 Vulnerability Management)
(Data Deletion - 3.1 Data Lifecycle Management)
(Capacity Management Processes - 2.3 Capacity Management)
(Data Lifecycle Management Roles - 3.1 Data Lifecycle Management)
(Study Management Portal - 1.4 Study Management)
(User Identity Attributes - 1.5 Researcher Accreditation)
(Member Accreditation Actors and Roles - 1.5 Researcher Accreditation)
(Code Submission Interface - 2.1 End User Computing)
(Response process - 2.5 Information Security)
(Access Management Application - 1.5 Researcher Accreditation)
(Resilience process - 2.5 Information Security)
(Data Asset Register - 3.1 Data Lifecycle Management)
(Output Classification Tool - 3.1 Data Lifecycle Management)
(Internal Audit Process - 1.2 Quality Management)
(Change and Configuration Data - 1.2 Quality Management)
(Infrastructure Removal Process - 2.2 Infrastructure Management)
(End User Computing Actors - 2.1 End User Computing)
(Authentication Application - 3.2 Identity and Access Management)
(SATRE Pillar Requirement - SATRE Principles)
(Training Records - 1.2 Quality Management)
(Infrastructure Lifecycle Management Processes - 2.2 Infrastructure Management)
(Financial Data - 2.3 Capacity Management)
(Research Metadata - 3.1 Data Lifecycle Management)
(Constraints and controls - Safe Provision of Trusted Research Environments)
(Research Metadata - 3.4 Information Search and Discovery)
(Data Minimisation - 3.1 Data Lifecycle Management)
(Change Process - 2.2 Infrastructure Management)
(Member Accreditation Applications - 1.5 Researcher Accreditation)
(Data Archiving - 3.1 Data Lifecycle Management)
(Issue Management Process - 1.2 Quality Management)
(Control Process - 1.1 Information Governance)
(Risk Treatment Process - 1.3 Risk Management)
(End User Computing Processes - 2.1 End User Computing)
(Authentication Process - 3.2 Identity and Access Management)
(2.2 Infrastructure Management - Infrastructure Management Applications)
(Info Gov - Data - 1.1 Information Governance)
(Key Management Application - 2.8 Encryption)
(3.3 Output Management - Output Management Application)
(Study Register - 1.4 Study Management)
(2.6 Cyber Resilience - Cyber Resiliance Processes)
(Capacity Management Data - 2.3 Capacity Management)
(Compliance Checking Process - 1.4 Study Management)
(Asset Management Process - 1.2 Quality Management)
(Permission Assignment Process - 3.2 Identity and Access Management)
(3.1 Data Lifecycle Management - Data Lifecycle Management Applications)
(Public Involvement and Engagement Process - 1.7 Public Involvement and Engagement)
(Configuration Management Processes - 2.4 Configuration Management)
(Data Lifecycle Management Data - 3.1 Data Lifecycle Management)
(Desktop - 2.1 End User Computing)
(1.2 Quality Management - 5.1 Federation Governance)
(4.9 Contract Management - 4.8 Legal Services)
(3.2 Identity and Access Management - 5.6 Federation Data Management)
(2.5 Information Security - 5.4 Federation Information Security)
(1.4 Study Management - 5.3 Federation Study Management)
(2.8 Encryption - 5.4 Federation Information Security)
(3.0 Data Management - 5.6 Federation Data Management)
(2.7 Vulnerability Management - 5.4 Federation Information Security)
(1.3 Risk Management - 5.1 Federation Governance)
(2.2 Infrastructure Management - 5.5 Federation Infrastructure Management)
(1.6 Training Management and Delivery - 5.2 Federation Researcher Accreditation)
(4.9 Data Protection - 4.8 Legal Services)
(3.3 Output Management - 5.6 Federation Data Management)
(4.4 Financial Management - 5.7 Federation Financial Management)
(Info Gov - Business Processes - 1.1 Information Governance)
(Risk Management Processes - 1.3 Risk Management)
(1.5 Researcher Accreditation - 5.2 Federation Researcher Accreditation)
(3.1 Data Lifecycle Management - 5.6 Federation Data Management)
(1.1 Information Governance - 5.1 Federation Governance)
1.0 InfoGov
1.4 Study Management
1.3 Risk Management
1.5 Researcher Accreditation
1.2 Quality Management
1.6 Training Management and Delivery
1.1 Information Governance
1.7 Public Involvement and Engagement
3.0 Data Management
3.4 Information Search and Discovery
3.0 Data Management
3.2 Identity and Access Management
3.3 Output Management
3.1 Data Lifecycle Management
5.0 Federation Management
5.0 Federation Management
4.0 Supporting Capabilities
4. Supporting Capabilities
2.0 Computing Technology
2.1 End User Computing
2.3 Capacity Management
2.4 Configuration Management
2.0 Computing Technology
2.7 Vulnerability Management
2.8 Encryption
2.5 Information Security
2.2 Infrasturcture Management
2.6 Cyber Resiliance
Meta-Model View (simple)
Capability View
Meta-Model View
Principles
Process View
×
Archi®
×