What is your understanding of the term Confidentiality?
Where information is provided in confidence and is not to be shared without permission.
What is your understanding of Intellectual Property and Copyright?
This is the right to control the use and ownership of original works.
What is the Freedom of Information Act 2005?
This is the primary piece of UK legislation that controls the access to official information.
The act permits the public right of access to information held by public authorities.
The act covers all information held not just information since the act came into effect.
What are the pros and cons of cloud-based storage systems?
Pros:
Information is backed up securely on encrypted servers.
Accessibility can be managed online.
They are cheaper and more sustainable than physically storing and managing files.
Multiple users can access the same documents.
Cons:
Confusion if permissions are poorly managed.
Cyber security threats.
Sensitive information accessed due to poorly managed permissions.
What is the meaning of a non-disclosure agreement?
Non-disclosure agreements are used to protect against the disclosure or sharing of any confidential data.
Prior to the confidential data being shared with a recipient, clients will typically request that the recipient signs up to an NDA.
If two separate departments within your company were working for two rival companies, how would you ensure client sensitive data was managed?
Check client understanding on conflict of interest.
Written informed consent provided.
Exclusivity of staff and separate working locations would be arranged.
A non-disclosure agreement would be considered.
Secure document and data storage would be arranged for each team.
What is the Data Protection Act 2018?
The act manages how personal data is processed by organisations and the government.
It is the UK legislation for the implementation of the EU General Data Protection Regulation (GDPR).
What are the key principles of the Data Protection Act 2018?
The act ensures that data is:
Used fairly, lawfully and transparently.
Used in a way that is relevant to the purpose.
Is retained for no longer than necessary.
Processed securely including protection against unlawful use.
Who are the key persons outlined within GDPR?
Controller - The person or entity that determines the purpose of the data.
Processor - The person or entity that processes the data.
Data Protection Officer (DPO) - This role exists within companies that process the personal data of EU citizens. A DPO oversees the data protection approach.
What are the rights under the Data Protection Act / GDPR?
The right to:
Access.
Be informed.
Rectification.
Erasure.
Restriction.
Objection.
Data portability.
What different sources of information do you use in your day to day surveying and why are they important?
RICS Guidance notes and professional standards.
Contract documentation.
Previous tenders.
Industry journals such as isurv, Modus, Historic Environment Scotland.
HSE guidance notes.
Ensure answers are evidence based, compliant and aligned with best practice.
Can you explain what data management is and why it’s important in building surveying?
Organised handling of project information.
Ensures accuracy, accessibility, and compliance.
Vital for clear communication, accurate information, audit trails, and compliance.
How does your organisation’s ISO quality management system structure project information, and what are the benefits of this?
In my organisation, we follow an ISO 9001-certified Quality Management System.
Info structured using standard file naming conventions, approved templates, and controlled folders for pre-contract, post-contract, and health & safety data. Superseded files are archived.
Benefits: Consistency, efficiency, easy access, ability to demonstrate compliance during audits / disputes. Easy for new team members to understand.
Why is it important to distinguish between pre-contract, post-contract, and CDM information when storing project data?
Pre-contract includes feasibility, tendering, and design development. Post-contract includes construction phase and final account records. CDM includes H&S info and records.
Storing these separately avoids confusion, ensures the right version of a document is used at the right stage, and helps demonstrate compliance with contractual duties and CDM Regulations.
For example, keeping CDM files separate makes it easier to assemble the Health & Safety File at project completion.
How do you ensure that the data you reference is reliable, up to date, and compliant?
I check publication dates, use original statutory or professional sources, and monitor updates to ensure compliance with current law and standards.
What risks might arise if you rely on out-of-date statutory or guidance documents?
Using out-of-date information risks non-compliance, legal disputes and health and safety failures. From a professional perspective, it could breach my RICS ethical obligations and damage my reputation.
Can you explain how a BIM document portal supports collaborative data management on larger projects?
A BIM portal provides a Common Data Environment, allowing all stakeholders to share, update, and coordinate project information in real time.
Reduces duplication, ensures version control, supports coordination.
Provides audit trail of who issued or amended information.
Beneficial for the Golden Thread.
What obligations do you and your firm have when handling personal data for clients such as Housing Associations?
Working with HAs means that I often require to use and store tenant or client data.
I follow my firm's GDPR-compliant procedures.
I ensure that only the necessary information is collected and that personal data of tenants is disposed of once no longer required.
I securely store the data on my cloud-based storage system only, i.e. I don’t write any of this down on paper.
I use password-protected files for personal information.
This ensures confidentiality, integrity, and legal compliance.
What is the difference between a ‘data controller’ and a ‘data processor’ under UK GDPR, and which role do you typically take in your work?
A data controller decides how and why personal data is processed, while a data processor acts on their instructions. As a surveyor, I am usually a data processor working on behalf of my client.
What might be considered a breach of data protection, and what steps would you take if one occurred?
A breach occurs when personal data is lost, accessed, or disclosed unlawfully. I would report it immediately, contain the risk, notify my Data Protection Officer, and follow my firm's GDPR policy.
This includes requirements for notification.
You discover that an old version of a report was accidentally issued to a client. How would you manage this situation?
If an old report was issued, I would act quickly to minimise confusion or risk. I would notify the client immediately, explain the error, and provide the correct version clearly marked as current.
Move the old file to superseded.
You are asked to share project documents via email, but they contain personal data. What steps would you take to ensure compliance with GDPR?
When sharing documents with personal data, I would first check whether the personal information is necessary — redacting or anonymising where possible. I would then ensure the recipient is authorised and use secure methods, such as encrypted email or a password-protected file, sending the password separately. I would also keep a record of what was shared. This ensures GDPR compliance while protecting confidentiality.
A project team member uploads incomplete or unapproved information to the shared BIM portal. How should this be managed?
I would remove or clearly mark the unapproved information, notify the team, and reinforce approval protocols.