STANDARD FOR RECORDS, INFORMATION AND DATA
To set the minimum standard and principles for records, information and data management in the ACT Public Service.
Records are evidence of business activity. The Territory Records Act 2002 defines them as ‘information created and kept, or received and kept, as evidence and information by a person in accordance with a legal obligation or in the course of conducting business’.
While the term ‘record’ has a specific meaning, in practice it can at times be difficult to distinguish between records and other types of information or data. Although the Act only applies to records, its principles can be applied to all ACT Government information and data holdings. The Territory Records Office recommends this approach. If there is doubt as to whether ACT Government information or data meet the definition of a record, the standard should be applied.
In ACT Government organisations (directorates, agencies, offices, and so on) records, information and data are important assets, and some are vital to ACT Government functions. They help to inform, plan for and achieve outcomes that are relevant and valuable to the community, business and government.
Records, information and data help to:
- drive collaboration and communications
- preserve knowledge for reference and re-use by the community and government;
- provide the foundation for sustainable and effective products and services;
- outline responsibilities;
- support decision-making;
- document rights and entitlements;
- make up the corporate memory of an organisation; and
- provide stakeholders with transparency around, and accountability for, government operations.
To support the benefits identified above, records, information and data need to be:
- trustworthy, and managed accountably;
- readily accessible, understandable, useable and securable;
- valued as critical to business operations;
- governed by appropriate risk management approaches; and
- maintained to meet business, government and community purposes.
To achieve these outcomes, records, information and data must be supported by effective governance and management processes. This standard establishes the requirements for effective records, information and data management. It is designed to assist ACT Government organisations and their employees to meet their legislative responsibilities in accordance with the Act.
Applying this standard will assist ACT Government organisations to:
- create trustworthy, useful and accountable records, information and data in evolving business environments;
- ensure that meaningful, accurate, reliable and useable records, information and data are available whenever required for government business and community needs;
- sustain and secure the records, information and data needed to support both short and long-term business outcomes;
- enable the reliable sharing of records, information and data;
- automate governance, sharing and continuity processes;
- preventing unnecessary digital and physical storage and management costs; and
- proactively protect and manage the records, information and data that provide ongoing value to government business and the ACT community.
The ACT Government’s records, information and data management practices will encourage open and accountable government by ensuring that Territory records are managed and preserved in accessible formats to meet business requirements and community expectations.
To achieve this, the following principles apply.
Principle 1: Strategy Principle
Organisations must strategically manage records, information and data by following guidelines for:
- developing a Records Management Program; and
- developing and promulgating a Records, Information and Data Management Policy and supporting procedures and guidelines.
Principle 2: Capability Principle
Organisations must establish and maintain appropriate records, information and data management capabilities by following guidelines for:
- identifying and providing financial, human and other resources for records, information and data management ;
- planning for and measuring the performance of records, information and data management activities; and
- reviewing and improving performance to meet the changing requirements of government business.
Principle 3: Assess Principle
Organisations must assess their records, information and data management requirements by following guidelines for:
- establishing processes for identifying the records, information and data they need to create and keep;
- ascertaining the significance of their records, information and data; and
- managing records, information and data in accordance with their significance and other factors.
Principle 4: Describe Principle
Organisations must deliberately control records, information and data by following guidelines for:
- ensuring appropriate and sufficient descriptive elements are incorporated into the systems managing records, information and data; and
- ensuring the descriptive elements are managed appropriately so the authenticity, usability and reliability of the records, information and data are protected.
Principle 5: Protect Principle
Organisations must manage the appropriate storage and preservation of records, information and data by following guidelines for:
- identifying their records, information and data protection requirements; and
- ensuring appropriate protection measures are in place.
Principle 6: Retain Principle
Organisations must identify the retention requirements of records, information and data by following guidelines for:
- assessing which of their records, information and data must be retained in perpetuity;
- assessing which of their records, information and data are eligible for destruction; and
- ensuring destruction of records, information and data is managed appropriately, in accordance with legislative and security requirements.
Principle 7: Access Principle
Organisations must support the access to and openness of records, information and data by following guidelines for:
- encouraging openness of records, information and data;
- ensuring records, information and data can be found, accessed, used and re-used when appropriate; and
- enabling appropriate public access.
In accordance with the Territory Records Act 2002 the principal officer must ensure that an ACT Government organisation complies with the Act and this standard.
This standard applies to all ACT Government employees: full-time and part-time staff, volunteers, contractors and outsourced providers.
This standard covers records, information and data in all their formats (digital and physical). It has been designed to support records, information and data as the ACT Government transitions to digital business processes.
Underpinning this standard is the need to ensure that business is supported by robust governance structures and records, information and data management practices.
This standard is produced in accordance with section 18 of the Territory Records Act 2002, (the Act), which allows the Director of Territory Records to approve standards or codes for an organisation’s records management.
Under section 17 of the Act, an organisation’s principal officer may only approve a Records Management Program that complies with the standards and codes set by the Director of Territory Records.
This standard will be reviewed as soon as practicable five years after its commencement.
To assist ACT Government organisations to implement this standard, the Territory Records Office has developed a range of tools:
- seven guidelines detailing the seven principles contained within the standard; and
- a self-assessment checklist for ACT Government organisations to use to assess their records, information and data management capabilities.
For more information about this standard, the guidelines and self-assessment checklist, please contact the Territory Records Office.