Key takeaways:
- The Golden Thread is a complete, accurate, up-to-date digital record of all building safety information for your higher-risk building
- It is a legal requirement under section 88 of the Building Safety Act 2022 and the Higher-Risk Buildings (Keeping and Provision of Information) Regulations 2024
- The Principal Accountable Person has the primary legal duty to establish and maintain it
- It must be kept in electronic (digital) format, kept up to date, and be accessible to relevant persons
- Paper records alone do not comply -- you need a digital system with version control, access management, and audit trails
What is the Golden Thread?
The Golden Thread is a metaphor for something very practical: a continuous, traceable record of all the information needed to manage building safety throughout the life of a higher-risk building. It is the single source of truth about your building -- from its original design and construction through every change, inspection, assessment, and safety decision made during its occupation.
The concept comes from Dame Judith Hackitt's Independent Review of Building Regulations and Fire Safety (2018), published in the wake of the Grenfell Tower tragedy. Hackitt found that critical building information was routinely lost, fragmented across different systems, or inaccessible to the people who needed it. Her review recommended a "golden thread" of information running through the life of every higher-risk building -- from initial design, through construction, into occupation, and across every change of ownership or management.
The Building Safety Act 2022 turned that recommendation into law. Section 88 places a duty on accountable persons to keep prescribed information about their higher-risk buildings. The Higher-Risk Buildings (Keeping and Provision of Information etc.) (England) Regulations 2024 (SI 2024/41) fill in the detail -- specifying exactly what information must be kept, in what format, and how it must be provided to others.
In plain terms: if something is done to your building that affects safety, there should be a record of it in the Golden Thread. If someone needs to understand how the building was designed, what materials were used, what risks have been identified, or what maintenance has been carried out, they should be able to find that information in one place.
Check if your building qualifies as higher-risk →
Legal disclaimer: This guide is for general information and does not constitute legal or professional advice. It is based on our reading of the Building Safety Act 2022 and associated regulations as of March 2026. For building-specific compliance questions, consult a qualified building safety professional or solicitor. Legislation and guidance may change -- always check the latest position on legislation.gov.uk and GOV.UK.
Legal basis for the Golden Thread
The Golden Thread requirement rests on two main pieces of legislation:
- Building Safety Act 2022, section 88 -- establishes the duty on accountable persons to keep prescribed information about higher-risk buildings in electronic form
- The Higher-Risk Buildings (Keeping and Provision of Information etc.) (England) Regulations 2024 (SI 2024/41) -- specifies exactly what information must be kept, in what format, and how it must be provided to others
Section 88 came into force on 1 October 2023. The 2024 Regulations (SI 2024/41), which prescribe the detailed information categories, came into force on 6 April 2024. Both are now fully in effect.
The duty applies to all higher-risk buildings as defined by the Higher-Risk Buildings (Descriptions and Supplementary Provisions) Regulations 2023 (SI 2023/110) -- residential buildings in England that are at least 7 storeys tall or at least 18 metres in height and contain at least two residential units. If your building meets this threshold, the Golden Thread requirements apply.
Enforcement powers
The Building Safety Regulator (BSR), part of the Health and Safety Executive, enforces compliance. Under section 98 of the Building Safety Act, the BSR has powers to issue compliance notices requiring specific actions within set timescales. Failure to comply with section 88 is a criminal offence, and the BSR can pursue civil penalties and prosecution.
This is not a theoretical risk. The BSR has been building its enforcement capability since April 2024 and has publicly stated its intention to take action against non-compliant accountable persons. Having a well-maintained Golden Thread is not just a legal box to tick -- it is your primary evidence that you are managing building safety effectively.
What the Golden Thread is not
Before going further, it helps to clarify two common confusions:
Golden Thread vs Key Building Information (KBI)
The Golden Thread and Key Building Information (KBI) are related but different. Many building managers mix them up, creating compliance gaps.
- Golden Thread = the complete set of building safety information maintained throughout the building's life (section 88)
- KBI = a defined subset of information that the Principal Accountable Person must register and provide to the Building Safety Regulator under section 89
Think of KBI as the summary you submit to the regulator. The Golden Thread is everything behind that summary -- the full evidence base. Maintaining KBI alone does NOT satisfy the Golden Thread requirement.
Golden Thread vs Building Safety Case
Your building safety case report is one component of the Golden Thread, not the whole thing. The safety case demonstrates that you have identified the major risks in your building and are managing them. The Golden Thread is the broader information ecosystem that includes the safety case alongside design information, maintenance records, fire risk assessments, and everything else prescribed by SI 2024/41. For an overview of what a building safety case is and how it connects to the Golden Thread, see our explainer.
What information must be kept in the Golden Thread
The Regulations 2024 (SI 2024/41) prescribe two broad categories of information in Schedule 1. Together, they form the complete picture of your building's safety throughout its life.
Design and construction information
This covers the building's origins and any subsequent structural changes:
| Category | What to include | Examples |
|---|---|---|
| Original design | As-built drawings, architectural plans, structural designs | Floor plans, elevations, cross-sections, structural calculations |
| Construction records | Materials used, methods, CDM documentation | Specifications for external wall systems, cladding details, fire stopping records |
| Fire safety design | The fire strategy underpinning the building's design | Compartmentation strategy, means of escape design, fire detection and suppression system design |
| Approvals and sign-offs | Building control approvals, planning consents | Completion certificates, approved inspector final certificates |
| Refurbishment records | Any changes to original design or construction | Records of replacement cladding, window upgrades, structural alterations, service penetrations |
Information during occupation
This covers the ongoing safety management of the occupied building:
| Category | What to include | Examples |
|---|---|---|
| Safety case report | Current assessment of major building safety risks and management measures | Risk register, mitigation strategies, residual risk assessment (see our Safety Case guide) |
| Fire risk assessments | Current and historical FRAs, plus remediation tracking | Type 1-4 fire risk assessments, action plans, completion evidence, re-assessment records (tracking guidance) |
| Mandatory occurrence reports | Reports of safety occurrences submitted to BSR | Structural failures, fire spread beyond compartment of origin, water ingress affecting common parts |
| Resident engagement strategy | How you involve residents in building safety decisions (see our engagement strategy guide) | Communication plans, consultation records, resident panel minutes |
| Maintenance records | Scheduled and reactive maintenance history | Lift servicing, fire alarm testing, sprinkler maintenance, electrical inspections, gas safety certificates |
| Inspection reports | Professional inspections and surveys | EWS1 forms, intrusive wall surveys, electrical condition reports, lift LOLER inspections |
| Building fabric changes | Any modifications during occupation | Internal layout changes, fire door replacements, service penetrations, external wall repairs |
| Emergency planning | Evacuation strategies and emergency procedures | Evacuation plans, Personal Emergency Evacuation Plans (PEEPs), assembly point designations |
| Complaints register | Safety-related complaints and concerns from residents | Reports of fire door damage, blocked escape routes, faulty alarms, suspected asbestos |
If your building was completed before the Building Safety Act came into force, you may not have all the original design and construction information. The regulations acknowledge this -- you are required to keep what you can reasonably obtain. But you should make documented efforts to recover missing information: contacting original developers, searching building control archives, and commissioning intrusive surveys where necessary. The key is demonstrating reasonable effort, not perfection.
Read the complete BSA compliance checklist →
Digital records requirements for the Golden Thread
The regulations are specific about how Golden Thread information must be stored. Paper records alone will not satisfy the requirement -- the Act explicitly requires electronic format.
| Requirement | What it means | Compliant | Non-compliant |
|---|---|---|---|
| Electronic format | All information must be stored digitally | Cloud platform, structured database, digital document management system | Paper-only files, filing cabinets without digital backup |
| Single accessible location | One authoritative source, not scattered across systems | Centralised platform with all records, or a master index linking to sub-systems | Information split across personal laptops, email inboxes, and shared drives with no index |
| Kept up to date | Information reflects current state of the building | Version-controlled records updated after every change, inspection, or assessment | Static documents last updated at handover, no revision history |
| Accessible to relevant persons | Those who need the information can find and use it | Role-based access for managers, accountable persons, BSR, and residents (as appropriate) | Records locked in one person's account with no delegation or sharing |
| Understandable | Written so readers can act on it | Plain English summaries alongside technical documents, defined abbreviations | Technical jargon with no context, abbreviations without definitions |
| Secure | Protected from unauthorised access, loss, or damage | Encrypted storage, access logging, regular backups, disaster recovery plan | Shared folder with no password, no backup strategy, single point of failure |
| GDPR compliant | Personal data handled lawfully | Personal data (resident details, PEEPs) stored with appropriate legal basis and access controls | Resident personal data shared openly without consent or lawful basis |
Why spreadsheets fall short
A common question building managers ask is whether a spreadsheet can serve as a Golden Thread. The short answer: a spreadsheet can be part of your system -- perhaps as a gap analysis tracker or document index -- but it should not be the whole system.
Here is why. A spreadsheet does not natively provide version control (who changed what and when), role-based access controls (different people seeing different things), document storage (the actual plans, reports, and certificates), audit trails (proof of who accessed or updated records), or automated alerts when information becomes stale. These are all requirements, not nice-to-haves.
For a detailed look at why spreadsheet-based compliance tracking creates risk, see our analysis: Spreadsheets Are Not a Golden Thread.
Understanding which buildings fall under these requirements is the first step. For a detailed breakdown of the height, storey, and residential unit thresholds, see our guide to higher-risk building criteria under the Building Safety Act.
Who is responsible for the Golden Thread
The Principal Accountable Person (PAP) has the primary legal duty under section 88 to ensure that prescribed information is kept and maintained. In most cases, the PAP is the person or organisation that holds the building lease or freehold and has responsibility for the structure and exterior of the building. For a full breakdown of PAP obligations, see our PAP Responsibilities guide.
Accountable Persons (APs) -- which may include managing agents, Right to Manage (RTM) companies, or other parties responsible for specific common parts -- have duties for the information relating to their areas of responsibility.
Key principles of responsibility
Delegation is possible, duty is not. A PAP can delegate the day-to-day management of the Golden Thread to a managing agent, building manager, or compliance officer. But the legal duty remains with the PAP. If the information is incomplete or inaccurate, the PAP bears the legal consequences -- not the person they delegated to.
Multiple accountable persons must cooperate. Where a building has more than one AP (for example, separate managing agents for different parts of the building), section 88 requires them to cooperate and share information to maintain a complete Golden Thread. Information silos between different responsible persons are a compliance failure. For a full overview of Accountable Person duties -- including the Golden Thread obligation -- see our explainer. If your building has both a PAP and other APs, understanding how these roles differ is essential for allocating Golden Thread responsibilities correctly.
The BSR can request information at any time. Under section 89, the Building Safety Regulator can request information from the PAP. The ability to respond promptly -- rather than spending days searching through filing cabinets and email chains -- depends on having a well-organised Golden Thread.
Residents have access rights. Residents can request certain building safety information. An organised Golden Thread makes responding to these requests straightforward. An unorganised one turns each request into a scramble that erodes resident trust.
How to establish and maintain a Golden Thread
Setting up a Golden Thread from scratch can feel daunting, especially if you are managing a building with incomplete historical records. This section breaks it into five practical steps.
Step 1: Audit your existing building information
Start by gathering everything you already have. You may be surprised how much information exists -- it is just scattered.
- Design and construction: Check with the original developer, building control body, and your solicitor's files for as-built plans, structural calculations, and completion certificates
- Fire safety: Collect all fire risk assessments (current and historical), fire strategy documents, and any EWS1 or cladding inspection reports
- Maintenance: Gather service records for lifts, fire alarms, sprinklers, electrical systems, gas installations, and any building fabric repairs
- Correspondence: Review files for building control notices, enforcement letters, mandatory occurrence reports, and safety-related complaints
- Insurance: Building insurance surveys and valuations often contain useful structural and risk information
Create a simple inventory listing each document, its date, source, and any gaps you have identified. This audit becomes your roadmap. A building with 200 documents across 15 categories might find gaps in 3-4 categories -- and that is normal. Document the gaps and your efforts to fill them.
Step 2: Choose a digital storage system
Your system needs to meet the format requirements from SI 2024/41 Regulation 6. At minimum, you need:
- Electronic storage with adequate capacity for documents, plans, and image files
- Version control so you can track what changed, when, and by whom
- Access controls to manage who can view and edit different types of information
- Search functionality so relevant information can be found quickly when the BSR or a resident requests it
- Backup and security to protect against data loss, ransomware, or unauthorised access
Options range from structured cloud storage (SharePoint, Google Workspace) with disciplined folder organisation, to purpose-built compliance platforms like Brocade that are designed specifically for Golden Thread management with built-in version control, audit trails, and regulatory workflows.
The key decision factor is sustainability: can you realistically maintain the system over years, through staff changes and contractor rotations, without the information becoming stale or disorganised? A sophisticated system that nobody uses is worse than a simple system that everyone keeps current.
Step 3: Organise information by prescribed categories
Structure your records following the categories in SI 2024/41 Schedule 1:
For each category, you should be able to answer four questions: what documents do we have? Are they current? Who last reviewed them? Where are the gaps?
Step 4: Establish update and review processes
A Golden Thread is only useful if it stays current. A building with 300 documents that were last updated at handover is not compliant -- it is a snapshot, not a living record.
Assign clear responsibility for each information category. The maintenance contractor updates maintenance records after each visit. The fire risk assessor uploads the new fire risk assessment within a defined timeframe. The building manager logs complaints and concerns. When everyone knows their role, records stay current without a single person becoming a bottleneck.
Set review schedules. Fire risk assessments are typically reviewed annually or after any significant change to the building. Maintenance records should be updated after each service visit. The safety case should be reviewed at least annually. Set calendar reminders so reviews do not slip.
Define trigger events. Certain events should prompt immediate Golden Thread updates:
- A fire incident or near-miss
- A mandatory occurrence report
- Completion of remediation works (cladding, fire doors, compartmentation)
- A change in accountable persons or managing agents
- A building fabric modification (new penetrations, structural changes)
- Receipt of a BSR compliance notice
Track changes with audit trails. Every update should record what changed, when, and by whom. This is where version control becomes essential -- not just for compliance, but so you can demonstrate to the BSR that your records reflect the building's current state, not a static archive.
Step 5: Set up access controls and sharing
Different people need different levels of access to your Golden Thread:
| Role | Access level | Why |
|---|---|---|
| PAP and building managers | Full read/write access to all information | Primary duty holders -- need complete visibility |
| Accountable Persons (APs) | Read/write for their areas, read access to shared information | Responsible for specific common parts |
| Fire risk assessors and contractors | Upload access for their reports, limited read access | Need to submit records without seeing unrelated information |
| BSR inspectors | Ability to provide requested information promptly | Section 89 compliance -- prompt response to regulatory requests |
| Residents | Access to relevant safety information | Required by the Act -- residents have a right to certain building safety information |
Ensure your access controls are GDPR compliant. PEEPs contain sensitive personal data (disability information, mobility limitations) and require careful handling with restricted access and a clear lawful basis for processing.
See how Brocade maintains your Golden Thread digitally →
Common mistakes building managers make
These are the pitfalls we see most frequently. Avoiding them will save you time, reduce risk, and make BSR interactions smoother.
1. Paper-only records
Some buildings still rely primarily on paper files. Even if those files are comprehensive and well-organised, they do not meet the electronic format requirement in section 88. You need a digitisation plan: scan existing paper records, set up digital processes for new information, and establish a clear transition date after which all records are digital-first. A building with 15 years of paper maintenance logs needs those logs scanned and indexed, not just filed in a better cabinet.
2. Treating KBI submission as the full Golden Thread
Completing your Key Building Information registration with the BSR is an important step, but it covers only a fraction of the information you need to maintain. The Golden Thread is the complete evidence base behind the KBI summary. If a BSR inspector asks to see your maintenance records, resident engagement documentation, or historical fire risk assessments, your KBI submission alone will not satisfy them.
3. No version control
Saving over the same file repeatedly means you lose the history of changes. If the BSR asks when your fire risk assessment was last updated and what changed, you need to show the revision history. A fire risk assessment dated 2024 with no record of what was different in the 2023 version cannot demonstrate that your records are genuinely "kept up to date" as required.
4. Information scattered across systems
Having PDFs in a OneDrive folder, a maintenance spreadsheet on a shared drive, fire risk assessments in an email attachment, and complaints in a WhatsApp group technically has some digital elements. But it fails the "single accessible location" requirement and makes the "kept up to date" obligation nearly impossible to sustain. When information lives in seven places, it lives in zero places -- because nobody knows which version is current.
5. Access that is too restrictive or too open
Both extremes create problems. Locking all information under a single account means the Golden Thread becomes inaccessible when that person is on holiday, off sick, or leaves the organisation. But giving everyone full access to everything exposes PEEPs data (which is GDPR-sensitive), commercially sensitive structural surveys, and security-critical access information. Role-based access -- where people see what they need to see and nothing more -- is the correct approach.
6. Setting up a Golden Thread and then forgetting about it
Setting up a Golden Thread is the easy part. Keeping it current over months and years, through staff changes, contractor rotations, and management company transitions, is the real challenge. Without clear processes and assigned responsibilities (Step 4 above), records gradually fall behind reality. After two years of neglect, your Golden Thread becomes a historical snapshot rather than a living compliance tool -- and a BSR inspector will see the difference.
Real-world scenarios
These hypothetical examples illustrate how different buildings approach Golden Thread compliance in practice.
Scenario 1: Inheriting a building with no documentation
A newly converted 9-storey residential block has been handed over to a small management company. The original developer went into administration, leaving no as-built drawings, no fire strategy document, and only a basic completion certificate from building control.
How they approach it:
- Audit: They document what they have (completion certificate, basic sales brochures with floor plans, the original planning application from the council website) and create a gap register listing what is missing
- Recovery: They contact the building control body for archived records, commission an intrusive cladding survey to establish external wall composition, and hire a fire engineer to produce a fire strategy based on a physical survey of the building
- Organisation: Each recovered document is uploaded to their compliance platform with metadata noting whether it is "original construction -- recovered" or "original construction -- gap (documented efforts made)"
- Ongoing: Every new fire risk assessment, maintenance visit, and inspection is logged directly. The initial gaps are documented with notes explaining recovery efforts
- BSR engagement: When the BSR requests information during registration, the PAP demonstrates both the records they hold and the documented efforts to recover missing information -- meeting the "reasonably obtainable" standard
Scenario 2: Established building with fragmented records
A 12-storey building has been managed by the same company for 15 years. Records exist, but they are scattered: fire risk assessments in the assessor's portal, maintenance records in a contractor's system, complaints in an email folder, structural surveys in a solicitor's file, and resident engagement notes in a Word document on the building manager's laptop.
How they consolidate:
- Information audit: They map every source, finding records distributed across 7 different locations
- Migration: They export and download everything into a central system, organising by prescribed category. Each document receives metadata: date, source, type, and review status
- Single source of truth: They establish a rule: all new records go into the central system first. Contractors upload directly. When a fire risk assessor delivers a new assessment, it is uploaded within 48 hours
- Historical records: Past fire risk assessments going back 8 years are uploaded chronologically, creating a visible history of how fire risk has been assessed and managed over time
- Resident access: They create a resident-facing view showing the current evacuation strategy, fire risk assessment action status, and upcoming safety works -- meeting the access requirement without exposing sensitive internal documents
Scenario 3: RTM company with volunteer directors
An 8-storey building is managed by leaseholders who have exercised the Right to Manage. The RTM directors are volunteers with no property management background, currently using WhatsApp groups, shared Google Drive folders, and a spreadsheet tracker.
How they formalise their Golden Thread:
- Education: The directors review this guide and the BSA Compliance Checklist to understand their obligations as the PAP
- Honest assessment: They recognise their Google Drive has useful information but lacks structure, version control, and access management. WhatsApp is not a compliant record-keeping system
- Transition: They adopt a structured compliance platform where each director takes responsibility for specific information categories based on their skills and availability
- Discipline: They establish a monthly review meeting: have all contractor reports been uploaded? Are any fire risk actions overdue? Have any resident complaints been logged? This creates the "kept up to date" discipline that volunteer organisations often struggle with
- Professional support: For areas beyond their expertise (fire risk assessment, structural surveys), they commission professionals who upload their reports directly, reducing the administrative burden
Related resources
Brocade guides
-
Building Safety Act Compliance Checklist -- a step-by-step checklist of all your BSA obligations, including the Golden Thread
-
PAP Responsibilities: What Principal Accountable Persons Need to Know -- detailed breakdown of who is responsible and for what
-
PEEPs Guide: What Building Managers Need to Know -- Personal Emergency Evacuation Plans, a key component of your Golden Thread's emergency planning records
-
Safety Case Report Guide -- how to prepare the safety case that feeds into your Golden Thread
-
The Building Safety Act 2022: A Complete Guide -- comprehensive overview of the legislation that established the Golden Thread requirement
Blog posts
- Why Spreadsheets Are Not a Golden Thread -- why manual tracking creates compliance risk
- Fire Risk Assessment Tracking: A Complete Guide -- how to track FRA actions as part of your Golden Thread
- Accountable Person Duties Explained -- AP obligations including maintaining the Golden Thread
- What Is a Building Safety Case? -- how the safety case connects to your Golden Thread
- Higher-Risk Buildings: Definition, Criteria, and How to Check -- which buildings must maintain a Golden Thread
Platform
- Golden Thread Platform -- how Brocade helps building managers maintain their Golden Thread digitally
- Fire Risk Assessment Tracking -- FRA action management with evidence trails and contractor workflows
Further reading and official sources
Primary legislation
- Building Safety Act 2022 -- section 88 (Keeping of information)
- Building Safety Act 2022 -- section 89 (Provision of information)
- Building Safety Act 2022 -- section 98 (Enforcement)
Secondary legislation
- Higher-Risk Buildings (Keeping and Provision of Information etc.) (England) Regulations 2024 (SI 2024/41)
- Higher-Risk Buildings (Descriptions and Supplementary Provisions) Regulations 2023 (SI 2023/110)
GOV.UK guidance
- The Golden Thread of building information
- Building Safety Regulator: register a higher-risk building
- Accountable person: who is responsible
Independent review
Frequently asked questions
What is the Golden Thread of building information?
The Golden Thread is a complete, accurate, and up-to-date digital record of all building safety information for a higher-risk building. It is a legal requirement under section 88 of the Building Safety Act 2022, maintained by the Principal Accountable Person throughout the building's life. It covers everything from original design and construction records through to ongoing maintenance, fire risk assessments, safety cases, and emergency planning documents.
Does the Golden Thread apply to my building?
The Golden Thread requirement applies to higher-risk buildings in England -- residential buildings at least 7 storeys or 18 metres tall containing at least 2 residential units, as defined by the Higher-Risk Buildings (Descriptions and Supplementary Provisions) Regulations 2023. If your building meets this description, the duty under section 88 of the Building Safety Act applies to the accountable persons for that building.
What happens if I do not maintain a Golden Thread?
Failure to comply with section 88 is a criminal offence. The Building Safety Regulator has enforcement powers under section 98 of the Act, which can include compliance notices, civil penalties, and prosecution. Beyond the legal risk, an incomplete Golden Thread makes it harder to demonstrate that you are managing building safety effectively -- which could have serious consequences in the event of an incident.
Can I use spreadsheets as my Golden Thread?
A spreadsheet alone is unlikely to satisfy the requirements. While it might serve as an index or tracker, the Golden Thread needs to include the actual documents (plans, reports, certificates), not just references to them. You also need version control, access management, and security -- capabilities that spreadsheets typically lack. A spreadsheet could be part of your system (for example, as a gap analysis tracker), but it should not be the complete system. See why spreadsheets are not a Golden Thread for a detailed analysis.
What is the difference between the Golden Thread and Key Building Information?
The Golden Thread is the complete set of building safety information maintained throughout the building's life under section 88. Key Building Information (KBI) is a defined subset that the Principal Accountable Person must register and provide to the Building Safety Regulator under section 89. Think of KBI as the summary you submit to the regulator, and the Golden Thread as everything behind that summary. Maintaining KBI alone does not satisfy the Golden Thread requirement.
What information must be included in the Golden Thread?
The Higher-Risk Buildings (Keeping and Provision of Information) Regulations 2024 prescribe two categories in Schedule 1: design and construction information (as-built plans, fire strategy, materials used, building control approvals) and information during occupation (safety case, fire risk assessments, maintenance records, mandatory occurrence reports, emergency plans, resident engagement strategy, and complaints register).
How often should the Golden Thread be reviewed?
There is no single prescribed review frequency -- it depends on the type of information. Fire risk assessments are typically reviewed annually or after significant changes. Maintenance records should be updated after each service visit. The safety case should be reviewed at least annually. As a general rule, update the Golden Thread whenever something changes in the building that affects safety, and conduct a comprehensive review at least once a year to check for gaps and staleness.