Building trust through audit and certification

As part of the ODI’s R&D programme we are continuing our research into how to help organisations build trust when accessing, using or sharing data.

In the months since we published our interim report last September, we have moved through the alpha phase and are now transitioning to the beta phase. In this worknote we summarise the work we have conducted over the last few months and look ahead to the final months of the project.

What we’ve been up to

Our initial research for this project confirmed there is no single method, approach or mechanism that can build trust between organisations in every circumstance and every context. In our interim report, we therefore signalled our intention to spend the development phase of this project identifying common trust-related challenges and developing a range of tools, guidance and resources to help people and organisations address whatever trust-related challenges they might be facing.

By surveying and interviewing organisations we identified three distinct but related user needs: assessing trustworthiness, whether that means assessing the trustworthiness of your own organisation or the trustworthiness of a potential partner; building trustworthiness, whether that means taking steps to make your own organisation more trustworthy or working collaboratively to make an entire ecosystem more trustworthy; and demonstrating trustworthiness, whether that means demonstrating your trustworthiness to people within your own organisation or externally to partners and stakeholders.

A conceptual framework we have found useful in making sense of each of these common trust-related challenges - ie assessing, building and demonstrating trustworthiness - is what we are calling the ‘elements of trust’.

Diagram listing the elements of trust.
Diagram illustrating 'The Elements of Trust'

'Trustworthiness' can be difficult to conceptualise, but by breaking it down into separate concepts or elements, we have found it possible to more methodically examine what makes people, organisations or ecosystems trustworthy. The current framework includes seven different elements of trust, namely: accountability, security, control, transparency, quality, governance, and reputation. Using this framework we have been able to engage in more systematic discussions with people about why, specifically, they trust other organisations or why they believe other organisations should trust them.

Where we’re headed

Because our previous research showed that different challenges require different solutions, we have decided to develop a playbook containing a suite of different tools and resources. The prototype of the playbook is currently split into four sections – assessing, building, demonstrating and reassessing trustworthiness – and will contain guidance on how people and organisations can chart their own journey through the playbook by mixing and matching the various resources provided in each section in order to address their specific trust-related challenges.

We are also exploring ways of using the ‘elements of trust’ framework as the foundation for prototypes of tools and resources capable of helping people and organisations address their trust-related challenges within each of the four sections of the playbook.

Within the assess stage we are developing resources to help people and organisations:

  • Define the problem or challenge using intake questionnaires that can help organisations identify their specific needs, spotlight important elements of trust and prioritise next steps.
  • Assess the trustworthiness of their organisation or external organisations using a guide to the ‘elements of trust’, complete with descriptions of the different elements, examples, prompts and activities. This will also help organisations examine what the different elements of trust mean to them and their partners.

Within the build stage we are developing resources to help people and organisations:

  • Engage with stakeholders using a workshop outline that would help members of an ecosystem come together to understand each other’s needs and co-design trustworthy ways of accessing, sharing and using data.
  • Document agreed upon next steps using templates and guides to produce pacts or bonds that capture the steps each organisation has agreed to take in order to improve their trustworthiness, and detail any checks or audits that need to be put in place.
  • Build their trustworthiness by consulting a catalogue of tools and resources relevant to each element of trust and selecting the ones that will be most useful in addressing their trust-related challenge or goal.

Within the demonstrate stage we are developing resources to help people and organisations:

  • Demonstrate their trustworthiness using communication tools that help them showcase, in simple but systematic ways, the steps they are taking to be trustworthy within each of the seven elements of trust.

What we've found so far

Our initial user testing has confirmed that a curated playbook with a variety of tools to assess, build and demonstrate trustworthiness would indeed help people and organisations address common trust-related challenges. The people we spoke to advised us to ensure that it is possible for organisations to pick and choose from the suite of tools based not only on their specific challenges, but on things like the potential cost in time, effort and resources.

The feedback we received for the early-stage prototypes included in the assess stage of the playbook confirmed that an intake questionnaire would be a useful way of helping organisations define their problem and 'plan their journey' through the playbook. Importantly, we received valuable feedback about the form that such a questionnaire should take. We initially structured the questionnaire as a yes/no decision tree, where an organisation would be considered ‘trustworthy’ if they could answer yes to all the questions. However, we soon decided this was a flawed approach as it is difficult to generalise or benchmark what makes different organisations, in different ecosystems, with different goals, trustworthy.

We also received positive feedback on a prototype of a workshop aimed at helping organisations map, analyse and assess their important trust relationships. The workshop combined data ecosystem mapping with concepts from the elements of trust framework to help people understand the role of trust within their ecosystem and spotlight areas of concern.

For the build stage of the playbook we explored ways of helping organisations engage with stakeholders and document next steps by producing an annotated slide deck entitled, ‘Designing Data Audits to Build Trust’. The slide deck draws upon research in AI, finance, design and data governance and tests two main propositions: that engaging in 'co-design' processes with stakeholders can help build trust between organisations; and that audits are an appropriate way of designing, documenting and checking what organisations need to do in order to be trustworthy.

We circulated the slide deck to ODI members and presented it to members of DAMA UK. The feedback we received was broadly positive. Respondents said it made them think more deeply about how they create checks around data. However, in mature sectors, many felt co-design of audits would be unnecessary and expensive. An important insight was that for many people the term 'audit' is related to in-depth checks of data while we were using the term more broadly to mean any form of check. The term 'audit' was therefore a useful hook, but not a suitable way of describing our interest in co-designing ways of documenting and checking the trustworthiness of data or organisations. The slide deck, and the feedback gathered from circulating it, will nonetheless be extremely useful in developing other workshop outlines and the playbook as a whole.

What we'd love from you

Over the next two months we will focus on improving on the contents of the playbook, iterating on the tools provided at each stage of the playbook, and sketching common user journeys that will help organisations identify their trust-related challenges and chart a journey through the playbook.

If your organisation is currently working to assess, build or demonstrate trustworthiness, and the playbook or any of our planned prototypes sound interesting, please get in touch to take part in one of our testing workshops or user testing sessions. We’d love to hear from you.