What is the difference between OFFICIAL and SECRET classification?

OFFICIAL is the default classification for most government information that does not require higher protection. It includes routine business and personal data. SECRET is applied to information that could cause serious damage to national security, such as military plans or intelligence sources. Handling requirements differ: SECRET information requires stricter access controls, encryption, and secure storage.

Do I need to know the Data Protection Act 2018 for this qualification?

Yes, the Data Protection Act 2018 is a key part of the qualification. You need to understand its principles, how they apply to defence information, and the exemptions for national security. Questions may ask you to apply these principles to scenarios involving personal data of service personnel or contractors.

How does records management differ in a defence context?

In defence, records management must comply with strict security and retention policies. Records may be subject to the Public Records Act 1958 and require special handling for classified information. Additionally, defence records often support operational decision-making, so accuracy and accessibility are critical. Digital records must include metadata for audit trails and be stored in secure systems.

What career opportunities does this qualification lead to?

This qualification prepares you for roles such as Defence Information Support Officer, Data Manager, Records Manager, or Information Assurance Officer within the Ministry of Defence, armed forces, or defence contractors. It also provides a foundation for further study in information management, cybersecurity, or digital transformation.

Is this qualification only for military personnel?

No, it is open to civilians working in defence or those aspiring to do so. Many roles in defence information support are held by civil servants or contractors. The qualification is also relevant for anyone managing sensitive information in government or security-related organisations.

How is information security assessed in this qualification?

Assessment includes understanding security controls like access control, encryption, and physical security measures. You may be asked to identify risks to information and propose mitigations. Practical scenarios might involve handling a data breach or implementing security policies. Examiner tips: always link controls to the classification level of the information.

Design systems in support of information management

DEFENCE AWARDING ORGANISATION

vocational

This element focuses on designing and implementing Microsoft Office SharePoint Server (MOSS) systems within a defence context to manage information effectively. Learners will configure file plans, metadata, and permissions while integrating Meridio for records management and using tools like TreeSize Pro and Atlas for compliance reporting. Practical application ensures efficient unit-level information support aligned with MOD policies.

Learning Outcomes

Assessment Guidance

Key Skills

Key Terms

Assessment Criteria

Assessment criteria

DAO Level 3 Award in Defence Information Support

Topic Overview

The DAO Level 3 Award in Defence Information Support is a vocationally-related qualification designed for individuals working or aspiring to work in defence information management roles. This qualification covers the principles and practices of managing, storing, and disseminating information within a defence context, emphasising security, accuracy, and efficiency. Students will learn about information governance, data protection, and the use of information systems to support operational decision-making. The award is part of the wider Digital Skills & IT framework, bridging technical IT skills with defence-specific information handling requirements.

This qualification is crucial because defence organisations rely on accurate, timely, and secure information to execute missions effectively. Students will develop competencies in classifying information, managing records, and using digital tools to support defence operations. The content aligns with UK government standards, including the Cabinet Office's Security Policy Framework and the Data Protection Act 2018. By mastering these skills, students enhance their employability in roles such as information support officer, data manager, or defence analyst.

Within the broader subject of Digital Skills & IT, this award focuses on the application of information management principles in a high-stakes environment. It complements other qualifications in cybersecurity, data analytics, and IT support by providing context-specific knowledge. Students will understand how information flows within defence organisations, the legal and ethical considerations, and the importance of maintaining information integrity. This qualification is ideal for those seeking to specialise in defence-related IT roles.

Key Concepts

Core ideas you must understand for this topic

→Information Classification: Understanding the UK government's classification markings (e.g., OFFICIAL, SECRET, TOP SECRET) and how to handle information accordingly.
→Records Management: Principles of creating, storing, retaining, and disposing of records in compliance with the Public Records Act 1958 and defence policies.
→Data Protection: Application of the Data Protection Act 2018 and GDPR principles to defence information, including lawful processing, consent, and subject access requests.
→Information Security: Implementing security controls such as access control, encryption, and audit trails to protect information from unauthorised access or loss.
→Information Lifecycle Management: Managing information from creation through use, storage, and disposal, ensuring it remains accurate, available, and secure.

Learning Objectives

What you need to know and understand

Understand file plans, systems and physical records, Be able to design Microsoft Office SharePoint Server (MOSS) system to effectively and efficiently manage a unit's information, Be able to use effective MOSS and Meridio permissions, Be able to apply the right metadata to MOSS structures, use MOD search Engines and the enterprised directory, Be able to produce reports generated by Tree Size Pro, Meridio and Atlas

Assessment Criteria

Key criteria assessors look for in your portfolio

Award credit for demonstrating a clear understanding of hierarchical file plans and their alignment with physical record-keeping requirements.
Expect evidence that MOSS site structures are designed with appropriate libraries, lists, and content types to meet specified unit information needs.
Check for correct configuration of MOSS and Meridio permissions, including inheritance breaking and unique permission assignments for security groups.
Look for accurate application of metadata columns (e.g., classification, disposal schedule) to MOSS structures, enabling effective use of MOD search engines and the enterprise directory.
Credit reports generated from TreeSize Pro, Meridio, and Atlas that demonstrate analysis of storage, compliance, or audit trails, with explanations of findings.

Assessment Guidance

Guidance for achieving higher grades

💡In your portfolio, include screenshots showing the step-by-step configuration of MOSS components, clearly linking each action to an information management requirement.
💡Use the MOD enterprise directory and search as part of your evidence—demonstrate that you can locate and retrieve information using applied metadata, not just navigate structure.
💡When producing reports, annotate them to explain how you interpreted the data (e.g., identifying storage growth, permission anomalies) and what corrective actions are recommended.
💡Ensure your design documentation explicitly references MOD information management policies (e.g., JSP 441) to show contextual understanding and compliance awareness.
💡When answering questions on information classification, always refer to the specific classification levels and their definitions from the UK Government Security Classification Policy. Use examples to show understanding of how classification affects handling.
💡For data protection questions, link principles to real defence scenarios, such as processing personnel data or sharing information with allies. Mention the lawful basis for processing and any exemptions that apply.
💡In records management questions, emphasise the importance of metadata and audit trails. Explain how proper records management supports accountability and operational efficiency.

Common Mistakes

Common errors to avoid in your coursework

Confusing file plans with site hierarchies—learners often map a file plan directly to site collections without considering scalability or security boundaries.
Overlooking the distinction between SharePoint groups and Meridio record management roles, leading to inappropriate permission models that violate information governance.
Applying metadata as site columns but failing to link them to content types, which prevents consistent use across libraries and impairs search functionality.
Assuming TreeSize Pro reports are sufficient for compliance without cross-referencing Atlas audit trails, missing discrepancies between disk usage and record activity.
Misconception: 'All defence information is classified as SECRET.' Correction: Only information that could cause serious damage to national security is classified as SECRET; most defence information is OFFICIAL or OFFICIAL-SENSITIVE.
Misconception: 'Data protection laws don't apply to defence organisations.' Correction: Defence organisations must comply with the Data Protection Act 2018, though exemptions exist for national security purposes. Personal data must still be processed lawfully and securely.
Misconception: 'Records management is just about filing documents.' Correction: It involves systematic control of records throughout their lifecycle, including digital records, metadata, and compliance with legal retention schedules.

Frequently Asked Questions

Common questions students ask about this topic

Before You Start

Prior knowledge that will help with this topic

•Basic understanding of IT systems and data management concepts.
•Familiarity with the UK legal framework, particularly data protection laws.
•Knowledge of organisational information security principles (e.g., from a Level 2 qualification in IT or business).

Key Terminology

Essential terms to know

Understand file plans, systems and physical records, Be able to design Microsoft Office SharePoint Server (MOSS) system to effectively and efficiently manage a unit's information, Be able to use effective MOSS and Meridio permissions, Be able to apply the right metadata to MOSS structures, use MOD search Engines and the enterprised directory, Be able to produce reports generated by Tree Size Pro, Meridio and Atlas

Ready to learn?

AI-powered learning tailored to this unit

Design systems in support of information management

Assessment criteria

Topic Overview

Key Concepts

Learning Objectives

Assessment Criteria

Assessment Guidance

Common Mistakes

Frequently Asked Questions

Before You Start

Key Terminology

Ready to learn?

Related Topics in DEFENCE AWARDING ORGANISATION vocational Digital Skills & IT

Design and configure Electronic Record Management Systems (ERMS) to conduct Record Management in a unit

Design and configure Sharepoint in support of Organisation Requirement

Understand Information Management and the legislative requirement to managing information in the MOD