Skip to Content
TS-TDT-01 Trust & Stewardship Technology & Digital Transformation CORE Excellence v2.9.7

Digital Transformation Roadmap

Assesses if the organization has a strategic, board-approved plan for using technology to improve efficiency, scale impact, and better serve beneficiaries. It ensures digital initiatives are governed effectively, deliver value for money (avoiding isrāf), and manage risks (data, cyber, exclusion) proactively. Embracing innovation aligns with maslahah mursalah (unrestricted public interest) to maximize societal benefit. Furthermore, safeguarding digital assets and beneficiary data fulfills the duty of amanah (trust) and hifz al-mal (preservation of wealth) within the maqasid (higher objectives) framework.

Assessment Questions
  1. What are the top 3 beneficiary outcomes this roadmap targets, and what baselines/targets are set?
  2. Does the roadmap include a data strategy (governance, quality, retention) and an architecture plan?
  3. How are privacy (DPIAs) and security (Cyber Essentials) integrated into the delivery lifecycle (Privacy by Design)?
  4. How are suppliers assessed and contracted (UK GDPR Art.28 clauses, Modern Slavery, security requirements)?
  5. How is accessibility (WCAG 2.1 AA) tested for key user journeys?
  6. What governance process (e.g., quarterly board review) monitors the roadmap's progress, risks, and budget?
Evidence Requirements
  • The official Digital Transformation Roadmap (including scope, timeline, budget).
  • Benefits realisation tracker (baseline/target/actual) and post-implementation reviews.
  • Minutes from board meetings showing quarterly review of roadmap KPIs and risks.
  • Risk register excerpts showing digital/data risks (CC26) and DPIAs for high-risk projects.
  • Supplier due diligence packs and Data Processing Agreements (DPAs).
  • Cyber Essentials certificate (or evidence of controls) and Accessibility audit reports.
Scoring Guidelines
LevelRatingDescription
5 5/5 Strategic & Innovative: ≥70% initiatives on track, outcome KPIs met, Cyber Essentials in place, continuous user-led iteration.
4 4/5 Managed Implementation: Board-approved roadmap with benefits plan, funded portfolio, named owner, and quarterly reporting.
3 3/5 Formal Roadmap: Documented plan with initial data inventory/architecture, but lacks detailed benefits plan or consistent governance.
2 2/5 Siloed/Reactive: Technology use is reactive or siloed within departments; no overarching strategy.
1 1/5 Ad-hoc: No digital strategy; IT is purely operational/reactive.

Related Criteria

TS-TDT-02 Core Systems Management (e.g., CRM)
Version
2.9.7 2025-11-05

Discussion (1)

Administrator 2026-03-07 11:07:53.770221

📋 **Version updated: 1.0.0 → 2.9.7** **Changes:** Updated islamic_references from mizan-297.json

Sign in to post a comment.

Back to Criteria