Information Management Standard for Australian Government

Introduction

Well-managed business information is a valuable asset that contributes to good government through:

  • supporting efficient business
  • informing decision-making
  • demonstrating government accountability and transparency
  • assisting to mitigate risks
  • adding economic value and protecting rights and entitlements.

Reliable and useable information is crucial to business performance. Digital information can be made available across geographic areas and can be accessed simultaneously, enabling the transformation of business processes. Effective digital information management allows the Australian Government to innovate and deliver services that better meet the needs and expectations of clients and other stakeholders.

Managing public sector information well ensures it remains reliable and trusted and facilitates use and reuse, by both the Government and the general community.

Purpose

The Information Management Standard has been developed and issued to assist Australian Government agencies to create and manage business information effectively by outlining:

  • principles for well-managed information within the Australian Government jurisdiction
  • the National Archives of Australia’s expectations for the management of business information to enable agencies to meet business, government and community needs and expectations.

This Standard is consistent with the key concepts and principles of International Standard AS ISO 15489.1:2017.

The National Archives will review how agencies are performing against the Standard as part of its regular survey and evaluation of the Australian Government information management environment.

Authority and scope

Under the Archives Act 1983, the National Archives is the lead agency for setting information management obligations and standards for Australian Government agencies.

This Standard applies to Australian Government business information, that is information and records in digital and non-digital formats that are created, used or received as part of government business. This includes both structured and unstructured information.

The Standard applies to business information created and managed:

  • by all non-corporate and corporate Australian Government entities, and wholly-owned companies including government business enterprises (collectively referred to as agencies)
  • internally or in outsourced arrangements, by staff employed by the Australian Government or contracted to perform business on its behalf.

This Standard does not cover the management of collections of published reference material or artefacts such as those typically found in libraries or museums.

Information and the Australian Government jurisdiction

Information is a corporate asset critical to all Australian Government activities, which range from developing national policies on trade, taxation or foreign affairs, to servicing claims for individual benefits and entitlements. Every day the Australian Government takes actions or makes decisions that affect the lives of Australian citizens, residents and visitors.

The Public Service Act 1999 sets out the values and code of conduct for Australian Public Service (APS) employees. The APS Values and Code of Conduct in Practice require employees to 'document significant decisions or actions consistent with the Archives Act 1983 and to a standard that will withstand independent scrutiny'.[1] The Public Governance, Performance and Accountability Act 2013 requires the Australian Government to provide meaningful information to the Parliament and the public and to accountably govern and manage public resources, including information assets. These Acts are part of a legislative framework that ensures that the Australian Government performs accountably and the Australian community can understand why decisions are made or actions taken.

The Archives is one of several agencies that assist Australian Government agencies to improve their capabilities and performance in managing their business information. The Archives also ensures that Australians, and the global community, have access to the archival collection of the Australian Government. Some areas where other agencies provide guidance and advice on managing information include:

  • its protective security
  • the technology that carries it
  • ensuring the public can access it
  • ensuring that an individual’s privacy is not compromised by its collection or use
  • releasing public sector information as a national resource for community access and use
  • auditing how agencies manage their business information and making recommendations for improvement.

Whole-of-government sources – including legislation, policiesstandards and advice – that impact on the information management responsibilities of most Australian Government agencies is available on our website.

[1] Australian Public Service Commission, APS Values and Code of Conduct in Practice, Australian Government, 2016 p.2

Outcomes and benefits from using this Standard

Creating and managing information according to the Principles in this Standard will result in business information that:

  • can be found, retrieved, and interpreted when needed
  • can be trusted as complete and accurate
  • is kept for as long as needed and no longer.

This Standard will benefit agency business outcomes by enabling them to:

  • document all needed information about a person, decision, fact or event
  • make sound decisions based on timely access to reliable business information
  • share corporate knowledge easily and avoid duplicated effort
  • improve business efficiency by leveraging opportunities provided by evolving information technologies
  • protect and secure information
  • know who has seen, changed, or removed business information when required
  • retain public and ministerial trust by being able to account for actions undertaken, advice given and decisions made
  • maximise return on investment by providing meaningful datasets to assist Australian Government, and the community, to use and reuse public sector information
  • create and preserve information that will contribute to Australian memory and history.

The strategic value of well-managed business information is commonly under-estimated. Poorly managed information can:

  • undermine rights and entitlements
  • adversely affect decision making
  • negatively impact reputation
  • result in costs and inefficiencies, such as storing and preserving unnecessary information.

Well-managed business information mitigates these risks.

Implementation guidance

The Principles should be implemented using a risk and value-based approach. The recommended actions should be followed more closely for high value information or information needed to mitigate high business risk.

Indicators of high value business information include that it:

  • is critical to business continuity and/or accountability
  • affects rights and entitlements
  • significantly affects workplace health and safety
  • is subject to a high level of scrutiny or has a high likelihood for legal action
  • involves large sums of public money
  • has a high potential for reuse by other agencies or the general public
  • is of long term value to the community and future generations

About the Standard

The Standard is based on eight Principles that provide the foundation for well-managed business information.

Principles

The Standard does not prescribe how agencies should meet the Principles. Australian Government agencies vary in size and complexity. Every agency has a unique information management environment with varying culture, risk tolerance, legacy systems and resources. Agencies should implement the Principles to meet their specific circumstances. For more information on the eight principles and supporting resources, see:

Principle 1: Business information is systematically governed

Proactively plan and implement information governance to manage business information as an asset to support immediate and future business outcomes, needs and obligations.

Principle 1: Recommended actions

Principle 2: Necessary business information is created

Create business information that is fit for purpose to effectively support business needs.

Principle 2: Recommended actions

Principle 3: Business information is adequately described

Describe business information so that it can be found, understood and accessed appropriately when needed.

Information that describes an information asset is known as metadata.

Principle 3: Recommended actions

Principle 4: Business information is suitably stored and preserved

Store business information securely and preserve it in a useable condition for as long as required for business needs and community access.

Principle 4: Recommended actions

Principle 5: How long business information should be kept is known

Analyse and document how long to keep business information to meet identified business and community needs.

Principle 5: Recommended actions

Principle 6: Business information is accountably destroyed or transferred

Keep business information for as long as required after which time it should be accountably destroyed or transferred.

Principle 6: Recommended actions

Principle 7: Business information is saved in systems where it can be appropriately managed

Manage needed business information in systems that protect its integrity and support trusted and reliable use.

Principle 7: Business information is saved in systems where it can be appropriately managed

Principle 8: Business information is available for use and reuse

Create and manage business information so that it can be effectively accessed over time by staff and other users with a right of access.

Principle 8: Recommended actions

In 2017, the Royal Commission into Institutional Responses to Child Sexual Abuse recommended a set of principles for keeping records relating to child safety and wellbeing.

For further information about this Standard and implementation guidance contact the Agency Service Centre.

Relationship between the Information management standard and Building trust in the public record policy