AI Knowledge Management for UK Public Sector: G-Cloud, Sovereignty & Compliance

How UK public sector bodies buy AI knowledge tools through G-Cloud and CCS frameworks, what sovereignty actually requires, and the assurance evidence procurement now expects.

A policy officer in a central government department needs the current guidance on a casework decision. The authoritative version sits in a SharePoint library that three teams maintain differently. An older copy is pinned in a Teams channel. A PDF that may or may not be superseded is attached to an email thread from last spring. The officer asks a colleague, who forwards a fourth version. None of them is certain which one a tribunal would accept as the department's settled position. This is knowledge management in much of the UK public sector in 2026, and it is the problem AI is now expected to solve without creating a new one.

The promise of AI knowledge management for the UK public sector is straightforward: connect the systems where guidance, policy, and casework precedent already live, and let staff get an accurate, source-backed answer instead of hunting across four systems and emailing each other. The difficulty is that public sector bodies cannot adopt this the way a private firm can. A council, a department, or an NHS trust has to buy through approved frameworks, has to satisfy a security and data-handling regime that most commercial AI tools were never designed for, and has to answer the sovereignty question before it answers any other. The technology is the easy part. The procurement, assurance, and jurisdiction questions are where adoption succeeds or stalls.

This guide is written for chief technology officers and digital leads in central government, local government, and health who are responsible for getting an AI knowledge capability through procurement and live without it becoming the subject of an uncomfortable audit. It covers why public sector knowledge is so fragmented, what sovereignty actually requires (and where the common shorthand misleads), how the G-Cloud and Crown Commercial Service routes really work for buying AI, the assurance evidence procurement teams now expect, and what a defensible deployment looks like in practice.

Why knowledge sits in silos across UK public sector bodies

Public sector organisations are unusually prone to knowledge fragmentation, for structural reasons that predate AI and will outlast any single tool.

The first reason is organisational. A department or a large council is not one organisation but a federation of directorates, each with its own records practice, its own shared drives, and its own conventions for what counts as the current version. Machinery-of-government changes move functions between bodies, leaving knowledge stranded in the systems of the body that used to own it. Long-running casework means a decision taken under guidance issued five years ago still has to be defensible against the guidance as it stood then, not as it stands now.

The second reason is obligation. Public bodies carry statutory duties that private firms do not: the Freedom of Information Act means any document may have to be produced on request, public records legislation governs what must be retained and for how long, and security classifications determine who may see what. These duties make staff cautious about consolidating content, because moving a document can break a retention schedule or a permission boundary. The result is more copies, not fewer, and less confidence about which copy is authoritative.

The third reason is the tooling itself. Most public bodies run a mixed estate: SharePoint and Microsoft 365 in one directorate, Google Workspace in another, a line-of-business case management system that holds the real decisions, and a Confluence or wiki instance that the digital team set up. General-purpose AI search and assistant tools index one ecosystem well and the others poorly or not at all. They also tend to answer from whatever they can reach, with no notion of whether a given document was the approved, current version. For a private firm that is an annoyance. For a public body answerable to a tribunal, an ombudsman, or a select committee, an answer drawn from a superseded document is a liability.

This is why the public sector requirement is not "AI search" but governed knowledge: a layer that knows which documents are the approved source, that respects the existing permission and classification model rather than flattening it, and that can show its working. The wider category context, including how this differs from keyword search and from the consumer AI tools staff already use, is covered in our enterprise AI search guide.

Sovereignty and data residency for government AI

For public sector buyers, the sovereignty question arrives early and it blocks procurement when it is answered badly. It is also the question most often muddled, because two distinct concepts get collapsed into one word.

Data residency is about where data physically sits. With most cloud providers, including AWS, you can select a UK or EU region so that data is stored and processed within that geography. Residency is a real control and it satisfies a large share of data-protection concerns under UK GDPR.

Data sovereignty is about jurisdiction: whose laws can compel access to the data, regardless of where it sits. This is where residency alone falls short. The US CLOUD Act (2018) compels US-headquartered companies to produce customer data on demand, regardless of where that data is physically located. A UK region does not change the corporate nationality of the provider, and the Act follows corporate control, not data location. Where a tool relies on a US-controlled processing layer, only a sovereign Enterprise tier under UK corporate control removes that exposure; a UK region alone does not. Microsoft confirmed to the French Senate in 2025 that it could not guarantee EU-hosted data would never be accessible to US authorities. For a public body handling citizen data, casework, or anything classified, that residual exposure is a legitimate procurement concern even when it is unlikely to be exercised.

The practical consequence is that a UK region on a US-controlled platform is residency, not sovereignty, and the two should never be conflated in a business case. A genuinely sovereign option requires UK or EU corporate control over the processing layer, not just a UK data centre. This matters most for the AI processing step: many tools achieve UK data residency for documents at rest while sending the actual inference to a US-controlled model. A buyer evaluating a "UK hosted AI knowledge base for government" needs to ask specifically where the AI inference happens and under whose jurisdiction, not just where the documents are stored. We unpack the residency-versus-sovereignty distinction in full, with the regulatory detail, in our sovereign AI guide.

None of this means every public body needs the maximum sovereignty posture. A team piloting AI on already-public guidance has a very different risk profile from one handling unpublished casework or classified material. The right approach is to match the tier to the data: residency for most, full jurisdictional sovereignty where the classification or the citizen-data sensitivity demands it.

How to actually buy AI through G-Cloud and CCS frameworks

A public body cannot simply sign up to an AI tool and expense it. Spend has to go through an approved route, and for cloud software that route is overwhelmingly the G-Cloud framework on the Crown Commercial Service's Digital Marketplace. Understanding how the route works is half the battle, because a capable tool that is not on a framework is, for most buyers, not buyable.

The Digital Marketplace and the G-Cloud route

G-Cloud is a Crown Commercial Service framework that lets public sector buyers purchase cloud software and support without running a full tender each time. Suppliers list their services with defined pricing and terms; buyers search the Digital Marketplace, shortlist against their requirements, and award a call-off contract. Because the framework terms are pre-agreed, a compliant award can be made far faster than an open procurement, often as a direct award where the requirement and the chosen service are well matched and the buyer can show it ran a fair comparison.

For AI knowledge tools this matters in two ways. First, presence on G-Cloud is a baseline filter: it signals the supplier has accepted the framework's standard terms, including the data-handling and exit provisions public bodies rely on. Second, the search-and-shortlist mechanics reward specificity. A buyer who searches for a governed knowledge capability with UK hosting and audit features will find a different shortlist from one who searches for a generic AI tool, and the framework's structure is designed to make that comparison defensible after the fact.

When the dynamic purchasing route fits

Alongside the framework call-off model, some categories use a dynamic purchasing system, which stays open for new suppliers to join throughout its life rather than closing after an initial bid window. For fast-moving categories this can be a better fit than a fixed framework. A buyer evaluating a CCS framework AI dynamic purchasing system route should weigh it against a straight G-Cloud call-off on three points: how mature the requirement is, whether the field of suppliers is still expanding, and how much weight the evaluation needs to put on emerging entrants. For a well-understood requirement with established suppliers, a G-Cloud call-off is usually simpler; the dynamic route earns its overhead where the market is still forming.

Making the award defensible

Whichever route, the award has to survive scrutiny. That means documenting the requirement before searching, recording why the shortlist was drawn as it was, and keeping the comparison evidence. The strongest position is one where the requirement is written in capability terms (governed source control, sovereign processing option, audit trail, cross-ecosystem reach) rather than around a named product, so that the eventual choice reads as the outcome of a fair test rather than a foregone conclusion. AnswerVault, a governed AI knowledge layer, is listed on G-Cloud, which is what makes it directly buyable through this route.

The assurance evidence public sector procurement now expects

Getting onto a framework gets a supplier into the room. Staying in it through due diligence requires evidence, and public sector assurance has its own vocabulary on top of the general security baseline.

Cyber security and information governance

The general security floor is well established. Cyber Essentials, the NCSC-backed scheme, is a common minimum, with Cyber Essentials Plus expected for more sensitive work. ISO 27001 certification is the long-standing information-security signal that procurement teams ask suppliers to evidence. None of this is AI-specific, but all of it is table stakes: a supplier that cannot produce these is rarely shortlisted.

Health-sector assurance: the DSPT

Health bodies add a sector-specific layer. The Data Security and Protection Toolkit (DSPT) is the annual self-assessment NHS organisations and their suppliers complete to demonstrate they meet the national data security standards. A supplier selling an AI knowledge tool into an NHS trust will be asked how it aligns with the DSPT, how patient-adjacent data is handled, and where processing occurs. This is where the sovereignty question and the assurance question converge: a tool that processes data on a US-controlled layer creates DSPT and information-governance questions that UK-controlled processing avoids.

AI-specific governance

The newest layer is governance of the AI itself. ISO 42001, the AI management system standard published in 2023, is starting to appear in procurement requests as the credible signal that a supplier governs its AI systematically rather than ad hoc. Public bodies also work within their own AI assurance expectations, including transparency about automated processing and the ability to explain how an answer was produced. The procurement-relevant test is whether the tool produces an audit trail and per-answer citations a reviewer can follow, not just a confident summary. Our AI governance guide sets out what enterprise-grade AI governance looks like in full, and the broader compliance picture for regulated buyers, including health, sits in our regulated industries guide.

The common thread across all four assurance layers is evidenceability. Procurement is not asking "is it secure" in the abstract; it is asking "can you show, for a specific answer on a specific date, which approved document it came from and where it was processed." A tool that cannot produce that record fails public sector assurance regardless of how good its answers feel.

What a governed AI knowledge layer looks like for the public sector

AnswerVault is a governed AI knowledge layer that connects an organisation's existing document sources, including SharePoint, Google Drive, and Confluence, and delivers accurate, source-backed answers through web chat, Microsoft Teams, Slack, CLI, and API. It was originally built for a global pharmaceutical company with strict data governance requirements, and the same architecture now addresses the parallel demands of public sector buyers: governed sources, defensible audit trails, and a sovereignty option that goes beyond residency.

The core of the public sector fit is governed source control. A document does not become answerable because it sits in a connected library; it becomes answerable because it is approved as the current, authoritative version, with that approval recorded in the audit trail. When guidance is superseded, the old version stops being used for answers and the change is preserved in the record, so the question "which version was the department's settled position on this date, and who approved it" has an answer. For a body that may have to defend a casework decision to a tribunal or an ombudsman, this is the difference between a tool and a liability.

Answers are cited at the sentence level, so a reviewer can trace each clause back to a specific document and version rather than to a summary block. The platform respects the existing permission model of the connected sources rather than flattening it, which keeps classification and need-to-know boundaries intact.

On sovereignty, the tier matters. The standard tiers provide UK or EU data residency on AWS infrastructure; the CLOUD Act applies to those tiers because AWS is US-headquartered, and a business case should state that plainly rather than claim a UK region resolves it. The Enterprise sovereign tier is UK-controlled, with the AI processing layer inside the sovereign boundary, for public bodies whose classification or citizen-data sensitivity makes jurisdiction a procurement-blocking concern. Matching the tier to the data, rather than buying the maximum posture by default, is the pragmatic path.

AnswerVault is ISO 27001 aligned and ISO 42001 underway, AI is included in every plan with no per-query charges or separate model keys required, and customer data is never used to train AI models. The platform is listed on G-Cloud, so it is buyable through the route described above. The specifics procurement teams need for due diligence, including hosting, subprocessors, attestations, and audit rights, are documented on our security and compliance page, which can be referenced directly in framework assessments.

Next steps

If you are scoping an AI knowledge capability for a public sector body, the most useful first move is to write the requirement in capability terms, decide the sovereignty tier the data actually demands rather than the one that sounds safest, and confirm the supplier is on a framework you can award through. Those three decisions shape both the shortlist and the defensibility of the award.

See how AnswerVault deploys for public sector teams, or start free by connecting a document source to see governed knowledge search in practice.


AnswerVault is built by Catapult CX, an enterprise technology consultancy. The product was originally developed for a global pharmaceutical company with strict data governance requirements; the same architecture now powers the SaaS platform.

Try AnswerVault

Ready to put your documents to work?

Connect your document sources and start querying in minutes.