Ngā āheinga whakahaere mōhiohio, mauhanga hoki
Information and records management capability
The statements below are drawn from the Information and records management standard issued in July 2016. The statements and questions are not exhaustive, they are a starting point to assist an Executive Sponsor in understanding their organisations information and records management capability.
16/F21 v.3, approved July 2024
Please note that the PDF of this page has been removed because the content is the same and our website has a feature to print a webpage. You can also see a preview of this by using the print command (CTRL + P). If you still require a PDF version, please contact us at rkadvice@dia.govt.nz
Statement | Questions |
---|---|
The strategy and policy adopted supports information and records management | 1. Do we have an information and records management strategy and policy? If not, what is being done about it? Is there a plan? 2. Are we able to demonstrate that the information and records management strategy and policy are relevant, current and adapted to our business context, i.e. do they support operational delivery? 3. How do we monitor the implementation of the strategy and policy? 4. Does the policy reflect the legislative responsibilities of our organisation? 5. Do the strategy and policy include staff responsibilities as well as the Executive Sponsors oversight of information and records management? |
Strategic and operational planning aligns information and records management with our corporate objectives and business activities | 1. Does capability development take into consideration information and records management? 2. Is information and records management included in the procurement process when choices of solutions and technologies are made regarding business activities and services delivery? 3. Does the information and records management strategy refer to, or is it included in, other strategic frameworks (If yes, which ones)? 4. Have we identified and valued our information assets? 5. Do we consider information and records management in risk assessment and management? 6. Do we have a formal process for implementing corrective actions if required? |
The budget for information and records management, and the resources needed to support information and records management are known and included in funding decisions | 1. Are we able to identify budget allocations for information and records management? 2. Are the resourcing implications in the strategy and BAU considered? 3. What is the percentage of overall budget? 4. How is it broken down? |
Information and records management is integrated into work processes, systems and services | 1. Do we have an Information Assets Register? Is there a process in place to maintain it? 2. Do business owners and business units take responsibility for ensuring that information and records management is integrated into new and current business processes, systems and services? Are information and records management staff involved in this process? 3. Do we have any documentation of processes, systems and services in our organisation which identifies critical points of impact on information and records management delivery? 4. Are high risk/high value areas of business documented, including identification of information and records needed to support them? 5. Are systems holding information and records of high risk/high value identified, monitored, protected and decommissioned appropriately (if required)? 6. Do we have a migration strategy in place? And if yes, is it implemented? 7. Do we address information and records management matters in our business continuity strategy and plans? |
Staff with appropriate skills are available to implement information and records management strategies | 1. How is information and records management currently resourced in our organisation? If there are gaps, are there plans to address them? 2. Are the information management capability requirements regularly assessed to address business needs? 3. Do we outsource any information and records management activities? If yes, which ones? 4. Is responsibility for information and records management assigned to appropriate staff, documented in policy, job descriptions, performance plans, and service agreements (for contractors)? 5. Do we ensure a close working partnership between information and records management staff and our ICT services? 6. Is there access for information management staff to related professional development? |
Monitoring and reviewing information and records management is implemented, transparent, and meets business needs | 1. Do we have a monitoring process in place for information and records management activities? 2. What reporting is done and how often? 3. Do we undertake system audits on a regular basis? 4. Do we implement any corrective actions and how are problems addressed? 5. Do we have assurance processes in place that include information and records management? |