Mandatory - Data Management

Question 1

Can you name some data sources you have used in your work?

Answer 1

iSurv
BCIS
CIS (Construction Industry Scheme) Gov.UK

Question 2

How can you ensure data sources you use are reliable?

Answer 2

Use industry recognised data sources. In lieu of this, triangulate the data.

Question 3

What are the risks of using historical financial data?

Answer 3

Price fluctuations with time – costs could be inaccurate.

Question 4

How can this be managed?

Answer 4

Individually re-evaluate cost items.
Multiply costs by the Tender Price Index (TPI) – predictions for future TPI on BCIS.

Question 5

How do you keep data secure?

Answer 5

Encryption of hard drives
Regularly change passwords
Use anti-virus protection
Use firewalls for software

Question 6

What specific procedure does your company use to store data?

Answer 6

CBRE is ISO 9001 certified and independently audited as part of ISO 9001 QA process.

Question 7

What is copyright?

Answer 7

A form of intellectual property, whereby a set of exclusive rights are granted to the creator of any original work.
Copyright must be acknowledged where applicable.

Question 8

What is GDPR?

Answer 8

General Data Protection Regulation 2016 – data protection regime for anyone within the EU.

Question 9

Does this still apply in the UK since Brexit?

Answer 9

Applies under the Data Protection Act and if acting for / with any business within the EU.

Question 10

What is the Data Protection Act?

Answer 10

UK’s implementation of GDPR plus requirements above that of GDPR.
Relates to all personal data.

Question 11

What must your company do to comply with the Data Protection Act?

Answer 11

Register with the Information Commissioners Office and pay an annual fee.

Question 12

What are the key requirements of GDPR?

Answer 12

• Data protection impact assessments.
• Rights for individuals to access their personal data and have it erased.
• Data controller to decide how personal data is processed.
• Data accountability for organisations who have to prove compliance to the ICO.
• Report data breaches within 72 hours.
• Increase in fines for companies in breach.
• Policed by Information Commissioners Office (ICO).

Question 13

How must companies store data under GDPR?

Answer 13

Securely.
For limited time.
Accurately.
Only relevant information.
Transparently.
Legitimately.

Question 14

What are the 8 individual rights under GDPR?

Answer 14

1. To be informed.
2. Access to information.
3. Rectification of information.
4. Erasure of information.
5. Restrict processing.
6. Data portability (for personal use).
7. To object.
8. Automated decision making (e.g. insurance companies).

Question 15

How does your company / you comply with GDPR?

Answer 15

Request clients sign terms of engagement which highlight how their data will be stored in accordance with GDPR.
Only ask for personal information as it relates to the instruction.
Archive files once instructions are complete.
Only store data in secure locations.
Hold external meetings in designated areas of the office.
Have a data protection officer.

Question 16

What is the Freedom of Information Act?

Answer 16

Gives individuals the rights to access any information held by public bodies.

Question 17

Are there any exemptions to this?

Answer 17

If the information contrasts with GDPR requirements or if it would prejudice a criminal matter.