Information Management: A common approach

Similar documents
NSW Government Standard Approach to Information Architecture. December 2013 v.1.0

Transition Guidelines: Managing legacy data and information. November 2013 v.1.0

NSW Government Open Data Policy. September 2013 V1.0. Contact

Information Management Responsibilities and Accountability GUIDANCE September 2013 Version 1

DFS C Open Data Policy

NSW Data & Information Custodianship Policy. June 2013 v1.0

3. Ensure the management of information is compliant with legislative requirements to maximise the benefits and minimise risks;

Management of Official Records in a Business System

Digital Continuity Plan

Information Management Strategy. July 2012

Implementing an Electronic Document and Records Management System. Key Considerations

INFORMATION MANAGEMENT STRATEGIC FRAMEWORK GENERAL NAT OVERVIEW

ADRI. Statement on the Application of Digital Rights Management Technology to Public Records. ADRI v1.0

Corporate Records Management Policy

9. GOVERNANCE. Policy 9.8 RECORDS MANAGEMENT POLICY. Version 4

Records Management - Council Policy Version 2-28 April Council Policy. Records Management. Table of Contents. Table of Contents... 1 Policy...

Queensland recordkeeping metadata standard and guideline

WASTE MANAGEMENT DATA & INFORMATION MANAGEMENT POLICY STATEMENT

NSW Government. Cloud Services Policy and Guidelines

Information Circular

Records Management Policy

State Records Office Guideline. Management of Digital Records

Scotland s Commissioner for Children and Young People Records Management Policy

Records and Information Management. General Manager Corporate Services

Information Management

Strategy for Management in Canadian Jurisdictions

EXPLORING THE CAVERN OF DATA GOVERNANCE

Digital Archives Migration Methodology. A structured approach to the migration of digital records

Argyll and Bute Council. Information Management Strategy

Protective Marking Standard Implementation Guide for the Australian Government

Information Governance Policy A council-wide information management policy. Version 1.0 June 2013

WALIS DATA MANAGEMENT GUIDELINES

Polices and Procedures

Information and records management. Purpose. Scope. Policy

Microsoft SharePoint and Records Management Compliance

Spatial Information Data Quality Guidelines

COUNCIL POLICY R180 RECORDS MANAGEMENT

HSE P0801 HSE Document Control and Records Management Procedure

Information Management Advice 50 Developing a Records Management policy

MANAGING DIGITAL CONTINUITY

WARNING: You cannot rely on a printed version of this document to be current. Always check the DECCW intranet to ensure you have the latest version.

Mapping the Technical Dependencies of Information Assets

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.

Privacy and Cloud Computing for Australian Government Agencies

Cloud Computing and Records Management

Using Keyword AAA: A thesaurus of common administrative terms

Records Management Policy

4.10 Information Management Policy

University of Stirling. Records Management Strategy I. Introduction

Information Management Policy

Data Governance Policy. Version October 2015

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

How To Manage Records And Information Management In Alberta

NSW Government. Cloud Services Policy and Guidelines

Council Policy. Records & Information Management

K-Series Guide: Guide to digitising your document and business processing. February 2014 LATEST EDITION

Digital Records Preservation Procedure No.: 6701 PR2

Records Management - Department of Health

Principles and Functional Requirements

december 08 tpp 08-5 Guidelines for Capital Business Cases OFFICE OF FINANCIAL MANAGEMENT Policy & Guidelines Paper

Information Management Advice 39 Developing an Information Asset Register

Earth Science Academic Archive

OPERATIONAL DIRECTIVE. Data Stewardship and Custodianship Policy. Superseded By:

Records Management Policy.doc

Corporate Policy and Strategy Committee

Add the compliance and discovery benefits of records management to your business solutions. IBM Information Management software

Information Communication Technology

Highland Council Information Security Policy

PRINCIPLES FOR ACCESSING AND USING PUBLICLY-FUNDED DATA FOR HEALTH RESEARCH

Discussion paper: Born digital, stay digital

Life Cycle of Records

Collection Acquisitions Policy

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

Information Management and Protection Policy

ADRI. Advice on managing the recordkeeping risks associated with cloud computing. ADRI v1.0

PRESENTATION TOPICS 2/27/2014. Why Update Policies? 21st Century Best Practices for Information Governance & Policies. Why update policies??

Implementing SharePoint 2010 as a Compliant Information Management Platform

Identifying Information Assets and Business Requirements

State Records Guideline No 15. Recordkeeping Strategies for Websites and Web pages

Information Governance Strategy & Policy

Records Management Standards. Records Management Standards for Public Sector Organisations in the Northern Territory

SRI LANKA SPATIAL DATA INFRASTRUCTURE ROAD MAP

Document Management in the FIPPA Era

Guideline 1. Cloud Computing Decision Making. Public Record Office Victoria Cloud Computing Policy. Version Number: 1.0. Issue Date: 26/06/2013

NSW Government Digital Information Security Policy

Queensland State Archives. Digital Rights Management Technologies and Public Records - A Guideline for Queensland Public Authorities

ANU Electronic Records Management System (ERMS) Manual

Digital Continuity in ICT Services Procurement and Contract Management

ADRI. Digital Record Export Standard. ADRI v1.0. ADRI Submission Information Package (ASIP)

OFFICIAL. NCC Records Management and Disposal Policy

ENTERPRISE CONTENT MANAGEMENT. Trusted by Government Easy to Use Vast Scalability Flexible Deployment Automate Business Processes

INTEGRATING RECORDS MANAGEMENT

Records and Document Management

Transcription:

Information Management: A common approach July 2013

Document Control Document history Date Version No. Description Author July 2013 1.0 Final Department of Finance and Services October 2013 1.1 Updated IM Framework snapshot Figure 1; Added Figure 3 Department of Finance and Services Approvals Name Date ICT Leadership Group 17/07/2013 Document custodian Name Signature Department of Finance & Services, Strategic Policy Page 2 of 12

CONTENTS Document Control... 2 1. INTRODUCTION... 4 2. IMPLEMENTATION AND REVIEW... 6 3. SCOPE... 6 4. APPROACH TO INFORMATION MANAGEMENT... 7 5. PRINCIPLES... 8 6. APPROACH TO STANDARDS... 9 7. CRITERIA... 10 8. RELATED GUIDANCE... 11 9. CONTACT... 11 APPENDIX A RELATED DOCUMENTS... 12 Page 3 of 12

1. INTRODUCTION 1.1 About this document The purpose of this document is to provide a foundation for the Information Management Framework and to help agencies implement best practices for managing information across the NSW public sector. This guidance outlines a common approach for NSW Government to: managing data and information; and implementing standards for data and information. 1.2 Information Management Framework A key initiative of the NSW Government ICT Strategy is the development of an Information Management Framework (the IM Framework) to support the way government administers and uses data and information. The Framework is a coherent set of standards, policies, guidelines and procedures which are implemented either manually or, where possible, automated through technology. This will allow data and information to be managed in a secure, structured and consistent manner. It will ensure that data and information can be appropriately shared or re-used by agencies, individual public sector staff, the community or industry for better services, improved performance management and a more productive public sector. The Framework will continue to develop over time. Figure 1 below provides a snapshot of components which are currently in development. Outcomes Govern Collect Organise Secure Use Share Maintain Legislation Data-centric system design Record keeping standards Info Sec Policy M2012-15 Spatially enable data Open Data Policy OpenGov IM Principles Data quality standards Metadata standards Security Classification guidelines Centres of Excellence Open Access Licensing Digital State Archive Outputs Custodianship Policy Data integration standards Privacy management guidance Business case / IM benefits guide Data.nsw Transition guidelines Responsibility and Accountability Public access (GIPAA) guidance Info risk assessment Information Architecture Directory of info assets Data retention & disposal Sources of Authority Change mngt guidance Inputs People Technology Data Funding Figure 1 - Information Management Framework Page 4 of 12

1.3 A common approach to information management Data and information are resources of critical importance to NSW Government. They flow through every work process, impact every decision, and hold the potential for insight and innovation. To realise their potential value, data and information must be managed strategically, in a coordinated and consistent approach across government. This approach encourages agencies to recognise the value of their information assets. It assists them to build good information management practices into business-as-usual processes. Accurate, reliable data and information will then be readily available to support evidence-based policy and effective service delivery. Common standards for information management support the exchange of information between agencies and facilitate streamlined management reporting. The principles-based approach outlined in this document has been developed through consultation with agency and industry representatives, in line with best practices and the strategic direction of NSW Government. The following table summarises the benefits of defining a common approach to information management and standards; and the risks of not doing so. Table 1: Benefits of a common approach to information management and risks of non-adoption BENEFITS Agencies can adopt and implement the same standards or processes for ICT and IM projects across the public sector Relevant policies and standards are easier to identify Easier to identify areas of potential overlap or duplication of effort Possible to establish Centres of Excellence, training or workshops to share and build on common experience Manage public expectations about the quality and availability of government data or information RISKS Different agencies may adopt or implement a variety of standards and processes for ICT or IM projects or may not apply standards Each agency undertakes the same research to develop policies or identify standards Opportunities for data sharing or pooling of resources may be overlooked Each agency invests resources to follow the same learning curve by trial, error and review Public may experience variable degrees of quality and availability; may hold unrealistic expectations Page 5 of 12

2. IMPLEMENTATION AND REVIEW The approach outlined in this document will inform the development of the Information Management Framework. It will inform the development of policies and the identification of relevant standards for use across NSW Government. Specific guidelines in support of particular policies or standards may be issued as part of the broader IM Framework. The guidance in this document may also be of assistance to agencies in drafting internal policies and procedures, or implementing standards for data and information management according to their specific business needs and operating environment. Some examples of ways in which this guidance might be used by agencies include: to understand or explain the rationale behind the Information Management Framework; developing or evaluating information management practices in the agency, to determine whether key systems or processes are being effectively managed; as text to be included in a project plan, business case or funding request, linked to the NSW Government ICT Strategy. This approach is subject to review every two years, or as appropriate. 3. SCOPE This guidance applies to all NSW Government Departments, Statutory Bodies and Shared Service Providers. It is recommended for use by State Owned Corporations, particularly where the organisation has adopted or is subject to any of the documents indicated in Appendix A. Page 6 of 12

4. APPROACH TO INFORMATION MANAGEMENT Technology is now an integral part of daily life and doing business. Across the public sector, staff at all levels are required to handle information assets in the course of routine operations, at multiple points in the lifecycle. It is essential that information management support is seamlessly integrated into systems and work processes. The goal of information management is to enable organisations to control and administer information assets throughout their lifecycle that is, to capture, distribute, use, maintain and dispose of data and information in a secure, efficient and accountable manner. The NSW Government approach to data and information management is structured around key stages of the information lifecycle. The principles of this approach have been framed in terms of intended outcomes for NSW Government agencies, citizens and organisations. By considering the desired outcomes across all stages of the lifecycle, data and information can be managed in support of better service delivery and better value investment. Figure 2 below illustrates the outcomes-based approach to information management. These principles provide high-level direction for managing NSW Government data and information in support of better services and better value investment. Figure 2 - Information Management Outcomes Page 7 of 12

5. PRINCIPLES NSW Government will adopt an outcomes-driven approach to data and information management, based on the following seven principles. NSW Government data and information are: Governed Collected Organised Secured Used Shared Maintained as assets of strategic, operational and administrative value to NSW Government agencies; in a manner that is transparent and accountable to NSW citizens and organisations. to document or facilitate delivery of services and the functions of NSW Government agencies; with respect for the privacy of NSW citizens and the confidentiality of NSW organisations; once, according to agreed standards that support relevance, accuracy and consistency so they are fit for purpose reliable, and can be, where appropriate, re-used by NSW Government agencies to improve service delivery or management reporting. described and linked to related data or information, so they are easy for NSW Government agencies to search, retrieve, use and compare; identified and integrated into systems that allow NSW Government agencies to routinely track and manage them according to their value. against unauthorised access, alteration, loss or deletion, to ensure their integrity and ongoing value to NSW Government agencies; using controlled and auditable processes that demonstrate to NSW citizens and organisation the protection of sensitive data and information. to support planning, decision making, resource allocation, reporting, communications and transactions by NSW Government agencies; processed and analysed by NSW Government agencies to develop evidencebased policy and deliver targeted services to NSW citizens and organisations; and re-used, so NSW Government agencies derive maximum benefit from their investment in these assets. with respect for the privacy of NSW citizens and the confidentiality of NSW organisations; with other NSW Government agencies to reduce duplication of effort, streamline service delivery and provide a consolidated view of customer needs or public sector performance; published and made available for discovery, where appropriate, by NSW citizens and organisations, providing opportunities to communicate, consult and collaborate or to engage in value-added processing, analysis and development. using cost-effective, risk-based measures that facilitate business continuity for NSW Government agencies; to ensure their availability and reliability, for as long as they support service delivery and accountability by NSW Government agencies; and then systematically destroyed when their use and value has ceased, to minimise the costs and risks to NSW Government agencies of over-retention; or systematically archived to protect the enduring rights and interests of NSW citizens and organisations. Page 8 of 12

6. APPROACH TO STANDARDS The IM Framework seeks to employ a collaborative approach to the use of data and information standards. Standards and policies will be incorporated into the Framework where existing or potential business needs and opportunities are recognised. Agencies will refer to the Framework, seeking standards that are applicable to a specific project, process or corporate objective. This interaction will enable ongoing development of the Framework in response to agency needs. Standardisation will be attractive where it helps to maximise the use and value of information or minimise the cost and risk associated with information. Mandatory directives should only be issued where there is a high-level risk or benefit associated with overall consistency across NSW Government. Information security provides an example of one area where a uniform strategy offers significant advantages. Figure 3 below illustrates the collaborative, business-driven approach to standards. Figure 3 Criteria for Data and Information Management Standards NSW Government strives for best practice data and information management. Standards must also acknowledge a current state, providing for phased implementation or incremental development as time, resources and system capability allow. Data and information management must be addressed enterprise-wide. Standards will provide support for: people (their roles, rights, responsibilities); processes (including policies procedures and metrics); and technology (for efficient search, sharing and information management). Page 9 of 12

Where possible, the Framework will identify existing standards that are in use either within NSW agencies, similar jurisdictions or in a relevant industry sector. Standards should be accepted, proven, and require limited (if any) modification to be implemented in NSW Government. Standards will be agreed and endorsed through the appropriate working groups and communities, and approved through the governance arrangements established under the NSW Government ICT Strategy. Identified standards, policies and guidelines will continue to be published to ensure the IM Framework aligns with agency needs and accords with recognised best practices. Key resources will be made available through a single portal, providing links to the sources of authority for managing data and information across all stages of the lifecycle. 7. CRITERIA NSW Government will adopt a business-driven approach to standards for data and information, based on the following five criteria. Standards incorporated into the IM Framework are: Aligned Relevant Proven Aspirational Enterprise-wide align with the information management principles, so they are connected to corporate outcomes and strategic direction; enable the information management principles to be put into practice and realised. are relevant to the specific business needs, objectives and operating environment of NSW Government agencies, so that their business value is evident; address an identified requirement, risk or opportunity for information management. have been proven, demonstrated or established in practical setting, so they require minimal customisation to be implemented; are endorsed or accepted by the relevant industry sector or professional community. aspire to best practice data and information management, recognising the value of continuous improvement; build on a working baseline, through support for phased implementation or incremental development. may impact any aspect of agency operations, so data and information management requirements are addressed enterprise-wide; provide support and guidance for developing people, processes and technology. Page 10 of 12

8. RELATED GUIDANCE This document is consistent with: guidance provided by the NSW State Records Authority on responsibilities for records management; guidance provided by the NSW Information and Privacy Commission on responsibilities for information access and privacy; and responsibilities for information security outlined under Premier s Memorandum M2012-15 Digital Information Security Policy. 9. CONTACT For assistance with any aspect of this document, please contact: Principal Policy Officer (Information), Strategic Policy Department of Finance & Services McKell Building, 2-24 Rawson Place, SYDNEY NSW 2000 (02) 9372 8291 Page 11 of 12

APPENDIX A RELATED DOCUMENTS Legislation Legislative instruments relating to information management in NSW Government include: State Records Act 1998 (NSW) Government Information (Public Access) Act 2009 (NSW) (GIPAA) Privacy and Personal Information Protection Act 1998 (NSW) Health Records and Information Privacy Act 2002 (NSW) Copyright Act 1968 (Cth) Australian and International Standards This approach aligns with accepted standards and best practices, including: AIIM (Association for Information and Image Management) approach to information governance ARMA International. (2009). Recordkeeping principles Australian Standard AS/ISO 15489 Records management Australian Standard AS/ISO 23081 Records Management Processes Metadata for Records ISO 16175 Principles and Functional Requirements for Records in Electronic Office Environments MIKE2.0 (Method for an Integrated Knowledge Environment) open source methodology for enterprise information management NSW Intellectual Property Management Framework for the NSW Public Sector Guidelines Standard on Digital Recordkeeping, Standard on Full and Accurate Records, Standard on Managing a Records Management Program, and all related standards issued by State Records NSW Policies, strategies, guidance This approach supports information management policies, strategies and guidance in effect or accepted for use in NSW, including: ABS Data Quality Framework Cth (2009) Information Security Management Guidelines Australian Government Security Classification System (Cth) (July 2011) M2012-10 Open Government M2012-15 NSW Government Digital Information Security Policy NSW Data and Information Custodianship Policy NSW Government ICT Strategy Page 12 of 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information