The Government has restated its commitment to delivering pensions dashboards in a written statement.

Skip to content
Pensions dashboards programme logo
  1. Home
  2. How to connect

Technical change

Contents
Overview
Scale of change
Before you begin
What you need to do in this step
What happens next
Support
Changelog

Overview

Purpose

This process is used to assure change across the pensions dashboards ecosystem and to inform the Pensions Dashboards Programme (PDP) of the following technical changes to your existing live connection setup:

  • change underlying technical solution for existing endpoints
  • add new endpoints
  • both of the above (change the underlying technical solution for existing endpoints and add new endpoints)

This process applies only to live endpoints.

For any minimal changes, this process only needs to be completed if you are adding a new endpoint. For anything above minimal (minor, moderate and significant) you are required to complete this process in line with the CoCo2.2.2.

If you are unsure whether a change could impact your existing connection to the pensions dashboards ecosystem, you should review the information about scale of change to determine whether a submission is necessary.

Who completes this step?

  • primary business contact

You may need help from your technical team to complete the technical change request. For more information, read the full list of roles and responsibilities.

Back to top

Scale of change

The scale of change refers to the type of technical change you are making and its impact.

In the technical change process, you will be asked to suggest the scale of change you will be making. PDP will then review and confirm the scale of change.

Depending on the scale of change, different levels of testing and evidence are required before changes to an underlying technical solution for existing or new endpoints can be added to the ecosystem.

If you are unsure

If you are not sure which scale of change applies to your request, submit your best assessment and a brief description in the reason for request. This helps PDP review your request efficiently and confirm or adjust the category as needed.

After this PDP review, a submission could be reclassified to a higher or lower scale of change.

Minimal and minor changes

These categories may involve adding a new endpoint or making a change to the underlying technical solution for existing endpoints.

Examples include:

  • making a minor software update on the same hosting, platform, and technology stack
  • adding a new endpoint on the same hosting, platform, and technology stack

We do not need to be informed of changes that do not affect how your solution behaves or how it is hosted.

Minimal change

Minimal changes are not expected to impact your compliance with any of the standards, including standards that are not tested through system or integration testing.

Testing and evidence required:

  • PDP may request operational acceptance testing is conducted

Minor change

Minor changes may impact your compliance with standards that are not tested through system or integration testing.

Testing and evidence required:

  • service acceptance (minor changes only)
  • PDP may request operational acceptance testing is conducted

Moderate change

This category may include scenarios where your solution is re-platformed, for example, if you move from an infrastructure-as-a-service model to a platform/function as a service model. It may also include changes in the technology stack. For example, if you change from a Windows solution to a Linux solution or change from .Net to Java.

Examples include:

  • moving from virtual machines (IaaS) to platform-as-a-service or function-as-a-service models
  • migrating from Windows to Linux
  • rewriting core components from one language or framework to another, such as .NET to Java
  • breaking a monolithic service into microservices within the same platform

Testing and evidence required:

Significant change

This category may include scenarios where your solution is migrated to a new hosting environment or cloud provider, or making a major redesign that affects security, performance or integration with PDP.

Examples include:

  • migrating your service to a different cloud provider, such as on-premises to AWS, or Azure to GCP
  • introducing a new network model that affects data flow or connectivity
  • redesigning core architecture that changes how endpoints are structured or routed

Testing and evidence required:

Back to top

Before you begin

You need to:

  • identify the type of change you are making: change underlying technical solution for existing endpoints, add new endpoints, or both
  • prepare a brief explanation for your request
  • identify the scale of change for the request: minimal, minor, moderate, or significant
  • identify the URLs for the endpoints you are adding, if applicable
  • evidence of your internal IT service acceptance from your internal IT or service management team
Back to top

What you need to do in this step

  1. On the connection portal, go to the ‘Endpoints’ tab and select ‘Report technical change’.
  2. Read the ’Technical change process’ page to ensure that you have all the relevant information to hand to complete the form.
  3. Select the type of change you are making. You will have 3 options.
    1. Change underlying technical solution
    2. Add new endpoints
    3. Change underlying technical solution for existing endpoints AND add new endpoints
  4. Enter the reason for your request in the free-text box field. This should describe details of the technical change you are making to your solution. If you wish to request operational acceptance testing (OAT), indicate this here. If OAT is requested, PDP will schedule and run it as part of this process.
  5. Select the ‘scale of change’ category based on the descriptions and examples provided in this guidance.
  6. If adding new endpoints, select the endpoint type from the drop-down list: Find, View or PAT refresh.
    1. Enter your endpoint URL (which cannot end with a trailing backslash, “/”).
    2. If you need to add more than one endpoint, select ‘Add more endpoints’ and repeat steps 5 and 6. You can add up to 9 endpoints in one submission.
  7. If applicable to the scale of change (such as minor or above), upload evidence of internal IT service acceptance.
    1. This may be a screenshot of your service acceptance from your service management tool – such as a screenshot showing a change request in the scheduled state.
    2. The file must be 25MB or less and be in a JPEG, PNG or PDF format.
    3. This evidence should be provided by your organisation’s internal IT or service management function or equivalent internal change authority.
  8. Check your answers. You can review and change all the details that you have provided above.
  9. Once you have checked that your answers are accurate, select ‘Confirm and submit’.
Back to top

What happens next

You will receive email confirmation of your submission containing a reference number.

PDP will review the scale of change you have selected and the reason for your request. PDP will then assess if operational acceptance testing would be required.

PDP aims to review technical change submissions within 5 working days.

You will then receive email confirmation of the scale of change that will identify which testing evidence will need to be supplied, as well as any requirement for operational acceptance testing.

The following steps will vary depending on the scale of change. For all technical changes that require downtime, you must follow the planned downtime process to notify PDP that you will be unavailable.

Minimal changes

You will be notified by email of the outcome of this review. You will be informed if operational acceptance testing is required by PDP.

You will be required to follow these steps:

1. Primary technical contact will review if new cryptographic material is required and will download and deploy live cryptographic material.

2. If applicable, the service manager will be required to submit a request for operational acceptance testing on the connection portal.

Minor changes

You will be notified by email of the outcome of this review. You will be informed if operational acceptance testing is required by PDP.

You will be required to follow these steps:

1. If you are not conducting operational acceptance testing, when the service acceptance stage is approved, the new endpoints will be live. If you need to delay when your endpoints become active, you should raise a ticket via the support portal when submitting service acceptance.

Service manager completes service acceptance on the connection portal. When reviewing the service acceptance guidance, ignore references to providing live endpoint URLs following service acceptance. This applies only to the initial technical connection and not this technical change process.

2. Primary technical contact reviews if new cryptographic material is required and will download and deploy live cryptographic material.

3. If applicable, the service manager submits a request for operational acceptance testing.

Moderate changes

You will be notified by email of the outcome of this review. You will be informed of operational acceptance testing by PDP.

You will be required to follow these steps:

1. Test manager completes the prerequisites process on the connection portal.

2. Primary technical contact downloads, deploys and confirms deployment of test cryptographic material on the connection portal.

3. PDP implementation manager will arrange integration testing with your test manager.

You must ensure that your test find endpoint, test view endpoint, test PAT refresh endpoint are pointing to the solution which needs to be tested. These endpoints must be updated before integration testing begins. If you require endpoint URLs to be changed, submit a ticket via the support portal at least 3 working days before scheduled testing.

4. Test manager submits integration testing report.

5. Service manager completes service acceptance. When reviewing the service acceptance guidance, ignore references to providing live endpoint URLs following service acceptance. This applies only to the initial technical connection and not this technical change process.

If you are not conducting operational acceptance testing, when the service acceptance stage is approved, the new endpoints will be live. If you need to delay when your endpoints become active, you should raise a ticket via the support portal when submitting service acceptance.

6. Primary technical contact is notified that they can download and deploy cryptographic material for the new live endpoints.

7. If applicable, the service manager submits a request for operational acceptance testing.

When operational acceptance testing is approved, any new endpoints added as part of this technical change will be scheduled to go live in line with your selected connection date. If you need to delay when your endpoints become active, you should raise a ticket via the support portal.

Significant changes

You will be notified by email of the outcome of this review. You will be informed of operational acceptance testing by PDP.

You will be required to follow these steps:

1. Test manager completes the prerequisites process on the connection portal.

2. Primary technical contact downloads, deploys and confirms deployment of test cryptographic material on the connection portal.

3. PDP implementation manager will arrange integration testing with your test manager.

You must ensure that your test find endpoint, test view endpoint and test PAT refresh endpoint are pointing to the solution which needs to be tested. These endpoints must be updated before integration testing begins. If you require endpoint URLs to be changed, submit a ticket via the support portal at least 3 working days before scheduled testing.

4. Security lead completes the IT health check process.

5. Test manager submits integration testing report.

6. Service manager completes service acceptance. When reviewing the service acceptance guidance, ignore references to providing live endpoint URLs following service acceptance. This applies only to the initial technical connection and not this technical change process.

If you are not conducting operational acceptance testing, when the service acceptance stage is approved, the new endpoints will be live. If you need to delay when your endpoints become active, you should raise a ticket via the support portal when submitting service acceptance.

7. Primary technical contact is notified that they can download and deploy cryptographic material for the new live endpoints.

8. If applicable, the service manager will be required to submit a request for operational acceptance testing.

When operational acceptance testing is approved, any new endpoints added will be scheduled to go live on the confirmed connection date. If you need to delay when your endpoints become active, you should raise a ticket via the support portal.

Back to top

Support

Find answers to common queries about pensions dashboards, give feedback or get technical support.

Get support

Back to top

Changelog

Last updated:09/06/2026

9 June 2026

  • Minor formatting changes to minimal and minor change sections for clarity.
Back to top