How digitally sovereign is your organization? This Red Hat tool can tell you in minutes
Source: ZDNet
*Image credit: Studios/DigitalVision via Getty Images*
---
### ZDNET's key takeaways
- Trust in U.S. tech companies is declining, increasing the importance of digital sovereignty.
- Red Hat’s open‑source **Digital Sovereignty Readiness Assessment** helps you evaluate your digital sovereignty.
- You, not Red Hat, retain control of your data and how you use the assessment.
Over the past year, several governments and companies outside the United States have decided they can’t trust American tech firms. As a result, **digital sovereignty** has become a strategic priority. While U.S. companies aren’t thrilled about this shift, many are now helping European organizations achieve their sovereignty goals.
One of the first to act is Linux and cloud‑native computing leader **Red Hat**. Late last year, Red Hat became the **first U.S. company** to announce an EU‑specific digital‑sovereignty program—**Red Hat Confirmed Sovereign Support (RHCSS)**—which guarantees that critical European IT operations remain under EU control.
> **Also:** *[Why even a U.S. tech giant is launching “sovereign support” for Europe now](https://www.zdnet.com/article/why-even-a-us-tech-giant-is-launching-sovereign-support-for-europe-now/)*
Red Hat now backs this initiative with its open‑source **Digital Sovereignty Readiness Assessment** toolkit. The tool gives governments and enterprises a concrete way to measure how much control they have over data, infrastructure, and operations amid growing geopolitical cloud concerns.
The **web‑based, self‑service survey** walks organizations through 21 multiple‑choice questions covering:
- Data residency
- Encryption‑key control
- Disaster‑recovery planning for geopolitical events
- Preventing sensitive data from crossing borders
The goal is to turn digital‑sovereignty discussions from vague policy talk into a measurable “sovereignty baseline” that IT and business leaders can act on.
**Take the assessment:**
[Digital Sovereignty Readiness Assessment Survey](https://www.feedback.redhat.com/jfe/form/SV_1LGSam42lrM4Ddk)
---
*Related reading:*
- *[Europe’s plan to ditch U.S. tech giants is built on open source—and it’s gaining steam](https://www.zdnet.com/article/europes-plan-to-ditch-us-tech-giants-is-built-on-open-source-and-its-gaining-steam/)*An “Open Standard” for Assessing Digital Sovereignty
If you have all the information you need at hand, the survey should take 10–15 minutes to complete.
Red Hat’s Digital Sovereignty Framework
| Domain | Description |
|---|---|
| Data sovereignty | Control over where data is stored and processed. |
| Technical sovereignty | Ownership of the technology stack and its components. |
| Operational sovereignty | Ability to run workloads independently of any single provider. |
| Assurance sovereignty | Guarantees around compliance, security, and auditability. |
| Open‑source strategy | Use and contribution to open‑source projects. |
| Executive oversight | Governance structures that enforce sovereign policies. |
| Managed services | Options for third‑party management that respect sovereign constraints. |
At the end of the questionnaire, organizations receive a score mapped to four maturity stages:
- Foundation – Basic awareness and initial controls.
- Developing – Formal processes and limited vendor lock‑in.
- Strategic – Integrated sovereign policies across the enterprise.
- Advanced – Full autonomy and auditable compliance.
The framework also provides a roadmap of recommended next steps and research questions for stakeholders.
Open‑Source Release
Red Hat is publishing both the tool and its underlying criteria under the Apache 2.0 license, positioning it as an open standard for digital‑sovereignty assessment.
- Source code & methodology:
- Vendor‑neutral: Partners, competing vendors, and end users can adopt, extend, or fork the project.
“For sovereignty to be real and obtainable, the behind‑the‑scenes math must be accountable and open for inspection. Red Hat is providing the transparent standard to give our customers the confidence that their sovereign strategy is exactly that.”
— Hans Roth, Senior VP & GM, EMEA, Red Hat
Data Privacy
- All assessment data stays in the browser; nothing is sent back to Red Hat or any third party.
- You can download the code and run it on your own server for complete control.
Why It Matters
- Transparency: Open criteria and local‑only data handling move the industry away from “blind trust” toward an auditable, verifiable model of sovereignty.
- Flexibility: While Red Hat offers services to help you achieve your goals, there is no requirement to use them.
Also: Why open source may not survive the rise of generative AI
Context
Many European governments, companies, and organizations are transitioning away from U.S. cloud providers (AWS, Microsoft, Google) for sovereignty reasons.
Also: Why France just dumped Microsoft Teams and Zoom – and what’s replacing them
U.S. tech giants now offer their own digital‑sovereignty initiatives. The Digital Sovereignty Readiness Assessment toolkit can help you evaluate whether those offerings meet your requirements.