JimMadge
I like this, but I think there is some work to be done. Mostly formatting.
It might help to split this into PRs for roles, shared responsibility and governance. I feel like the roles is closer to done. Some of the shared responsibility text feels contrary to what I was expecting. So we may need to sync up on that.
|
|
||
| While the shared responsibility model clearly delineates ownership, operating safely in practice requires a set of agreed cross-boundary processes. Responsibility for a control does not eliminate the need for coordination with other parties in exercising it. | ||
|
|
||
| A key example is infrastructure configuration: {term}`TRE Administrator`s define and approve the technical configurations required to maintain a secure environment, but the implementation of those configurations on the underlying infrastructure is carried out by the {term}`Hosting Administrator`. Neither party can fulfil their responsibilities in isolation. |
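Review bot: the infrastructure configuration example says TRE Administrators "define and approve" configurations and the Hosting Administrator implements them, but it does not say who checks that what was implemented matches what was approved. Suggest naming that verification step and its owner here, since the preceding paragraph promises "a set of agreed cross-boundary processes".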
I don't think this is true. Each of the administrators is responsible for the implementation of their own sections of infrastructure. And I feel the design is more of a negotiation (or set out by the FRIDGE design) than decided by one party.
| - Manages technical security controls within the TRE. | ||
| - Assumes responsibility for the TRE platform and code, identity and access management, encryption, output management, and researcher accreditation. |
Clarify: are these two points only about the front-door?
| The organisation that owns and operates the supercomputing infrastructure on which FRIDGE runs. This is likely to be a national compute facility such as [AIRR](https://www.gov.uk/government/publications/ai-research-resource). This role could be fulfilled by a public cloud provider or a private cloud hosted by another institution. | ||
|
|
||
| **Governance and architecture responsibilities:** | ||
| - Operates, manages and controls the physical hardware, network infrastructure, tenancy isolation, and Kubernetes cluster management. |
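Review bot: in the first responsibilities bullet, "Operates, manages and controls ... Kubernetes cluster management" leaves the verbs governing "management" rather than the cluster itself, which blurs what is actually being operated. Suggest ending the list with "and the Kubernetes cluster" so each item is a concrete asset.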
The keys to the tenancy are handed over to the TRE Operator. Since this implies a level of "cluster management" maybe this should be clarified.
| (role-data-owner)= | ||
| ### Data Owner | ||
|
|
||
| The organisation or individual that owns the sensitive data being used in the research project. This is typically an NHS organisation, government body, or other institution that holds personal or sensitive data and has the legal authority to permit its use for research purposes. The {term}`Data Owner` sets the conditions under which data may be used and must receive assurance that those conditions — including data deletion at project end — have been met. |
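Review bot: the last sentence of the Data Owner description says the Data Owner "must receive assurance" that its conditions, including data deletion at project end, have been met, but it names no role that provides that assurance. Suggest stating which role is accountable for giving it, using a {term} link as the rest of the paragraph does.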
Can there be multiple per project? This text implies single.
Co-authored-by: Jim Madge <jim+github@jmadge.com>
…alan-turing-institute/fridge into machintim-shared-responsibility
Co-authored-by: George Svarovsky <gsvarovsky@users.noreply.github.com>
Shared Responsibility
Added Roles_Detailed.md as the canonical Role Catalogue, glossary with all 12 role definitions (including new entries for Data Owner and Information Governance Team) plus detailed sections with governance, architecture, and lifecycle process responsibilities for each role. All cross-references use {term} links. Resolves Governance roles #173.
Added shared_gov_model.md documenting the two-tier FRIDGE governance structure (Federation Governance and Operational Management Group) with the governance diagram.
Added shared_responsibility.md section on Shared Processes and Infrastructure, covering cross-boundary process requirements between TRE Administrator and Hosting Administrator. Resolves Shared responsibility model #174. Resolves Component mapping to roles and 5 safes #176.