Guideline: System information management plans
Introduction
Records are stored and managed in a range of systems in the University to ensure compliance with the ANU Records Management Policy and Procedure.
This plan:
- Ensures that all systems approved for records storage and management is included in a register within the record management framework
- Provides guidance for data about the system including software, business owners, how it will be managed over its life and details about its assessment against the framework, and
- Enables integration with ANU’s approach to Data Governance.
The template for systems is recorded below and complements Data governance templates.
System detail | System | Plan or Action |
System name and full product name | ||
System common name or abbreviation | ||
Business owner (Division, College, School) | ||
Business processes supported by system | ||
External or internal use only? | ||
Security classification | ||
System Executive | ||
System/business owner |
PHASE 1 – Risk assessment | Yes – Document details | No – Document details |
System name / full product name | ||
1.1 Does or will the system hold unique information or data (that is not duplicated elsewhere)? | ||
1.2 Is or will the information or data: . be the authoritative source of truth, | ||
1.3 Is the risk or value of the information high enough to warrant additional controls to ensure that it is trustworthy? | ||
1.4 Is there sufficient business benefit for managing disposal within the system before decommissioning? | ||
1.5 Are you likely to access the information or data beyond the expected life of the system? | ||
1.6 Do or will you need to keep the information or data for longer than the expected life of the system? |
PHASE 2 – Assessment of information management functionality Module 1: Information is trusted | Yes – Document details | No – Where a risk or gap was identified in Phase 2 – indicated by a 'No' response – document the solution to address the risk or functionality gap identified. |
2.1.1 Can or will you be able to prove the information or data is authentic? | ||
2.1.2 Can or will you be able to identify or prevent unauthorised changes to the information or data? | ||
2.1.3 When you access information or data, can or will you be able to access all relevant parts of it? | ||
2.1.4 Does or will the system meet the Archives' minimum metadata requirements? |
Module 2: Disposal is accountable | Yes – Document details | No – Where a risk or gap was identified in Phase 2 – indicated by a 'No' response – document the solution to address the risk or functionality gap identified. |
2.2.1 Is or will disposal be controlled, systematic and recorded? | ||
2.2.2 Where there is more than one disposal class, can or will you be able to manage the different disposal classes? | ||
2.2.3 Can or will you be able to manage the system's control records in line with your accountability needs? | ||
2.2.4 Is or will destruction be in line with the Information Security Manual and other relevant policies? |
Module 3: Export – import | Yes – Document details | No – Where a risk or gap was identified in Phase 2 – indicated by a 'No' response – document the solution to address the risk or functionality gap identified. |
2.3.1 Are you or will you be able to export the information or data in a usable format? | ||
2.3.2 Are you or will you be able to import information or data into the system? |
Module 4: Reporting | Yes – Document details | No – Where a risk or gap was identified in Phase 2 – indicated by a 'No' response – document the solution to address the risk or functionality gap identified. |
2.4.1 Can or will the system generate reports on your information or data management processes? | ||
2.4.2 Can or will the system create automatic alerts in response to specific triggers? |
Information |
Printable version (PDF) |
| Title | Guideline - Template for System Management plans |
| Document Type | Guideline |
| Document Number | ANUP_6754707 |
| Version | 2 |
| Purpose | Template for effective system management plans. |
| Audience | Staff |
| Category | Administrative |
| Topic/ SubTopic | Information Management - Records & Archives |
| Effective Date | 1 Nov 2022 |
| Next Review Date | 1 Nov 2027 |
| Responsible Officer: | University Librarian and Director, Scholarly Information Services |
| Approved By: | Vice-Chancellor |
| Contact Area | Library, Archives and University Records |
| Authority: |
Archives Act 1983 Electronic Transactions Act 1999 Evidence Act 1995 Freedom of Information Act 1982 Privacy Act 1988 Information Infrastructure and Services Rule 2020 |
| Delegations | 398, 399 |
|
Information generated and received by ANU staff in the course of conducting business on behalf of ANU is a record and should be captured by an authorised recordkeeping system. To learn more about University records and recordkeeping practice at ANU,
see ANU recordkeeping
and Policy: Records and archives management.
|
|
Related Content |
|||||
|
Policy |
|
||||
|
Procedures |
|
||||
