+ All Categories
Home > Documents > E&C REPORT -17 MAY 2021 - CLAUSE B - ATTACHMENT D

E&C REPORT -17 MAY 2021 - CLAUSE B - ATTACHMENT D

Date post: 14-Jan-2022
Category:
Upload: others
View: 1 times
Download: 0 times
Share this document with a friend
5
E&C REPORT -17 MAY 2021 - CLAUSE B - ATTACHMENT D
Transcript

E&C REPORT -17 MAY 2021 - CLAUSE B - ATTACHMENT D

Version 2.0

ICT23 INFORMATION ASSET AND RECORDKEEPING POLICY

OVERVIEW

This policy supports Brisbane Vision 2031, Corporate Plan 2016-17 to 2020-21 -2017 Update, Future Council Organisational Strategy and Council's corporate /CT Strategy.

Managing Council's physical and electronic information (including data, information assets and records) by applying records controls, supports the efficient and effective operation of the organisation. Information is one of Council's key resources and a vital element of organisational processes. It is used to inform decision-making and is valued and managed as an asset.

The recordkeeping component of this policy has its foundation in the Public Records Act 2002 (the Act). Council must comply with the requirements of the Act, this policy and the standards and guidelines issued by the State Archivist in relation to the making, keeping, preserving, managing and disposing of public records. Other legislation and Queensland Government Information Standards also affect Council's record keeping responsibilities.

APPLICABILITY

This policy applies to Council employees regardless of their employment status, role or position — permanent, temporary, casual or part-time employees. This includes: • executives, managers, supervisors, team leaders, employees on professional services (PSE)

and specialist and senior professional (SSP) contracts, apprentices and trainees, team members and individuals, regardless of whether they work full-time or part-time or on a flexible employment arrangement

• contractors, consultants and labour hire workers who perform work for Council under a contract for services

• employees of other organisations or agencies who are working in Council on a secondment arrangement

• students doing unpaid work experience or unpaid placements and volunteers.

It also applies to Councillors, in relation to public records.

LEGISLATION

City of Brisbane Act 2010 City of Brisbane Regulation 2012 Crime and Corruption Act 2001 Electronic Transactions (Queensland) Act 2001 Evidence Act 1977 Information Privacy Act 2009 Judicial Review Act 1991 Public Records Act 2002 Public Sector Ethics Act 1994 Right to Information Act 2009

DEFINITIONS

Data means quantitative and qualitative facts and perceptions and may be numbers, words, images or sounds.

Data management means the valuing and managing of data as a strategic asset of Council with the same rigour as that applied to other strategic assets.

Information means any collection of data that is processed, analysed, interpreted, classified or communicated, in order to serve a useful purpose, present fact or represent knowledge in any medium or form. Information includes presentation in electronic (digital), print, audio, video, image, graphical, cartographic, physical sample, textual or numerical form. Information may also be a public record, or an information asset if it meets certain criteria.

17511111m Ej BRISBANE CITY

Dedicated to a better Brisbane

CA19/655899 Printed: 6 May 2021 OFFICIAL Page 1 of 4

Council information includes, but is not limited to, electronic documents and records (including those stored in Council's electronic document and records management system), electronic messages, data stored and managed in Council's email management system, business systems or data storage systems, paper-based information and information published to websites.

Information asset means a collection of data or records which should be proactively managed as a Council asset of value. Not all collections of data or records would require full information asset management, though all should be managed in line with this corporate policy. Information Services, Organisational Services, can support information owners in determining the appropriate management.

A record means recorded information created or received by Council in the transaction of business or the conduct of affairs that provides evidence of Council business or affairs. A record includes: • anything on which there is writing • anything on which there are marks, figures, symbols or perforations having a meaning for

persons, including persons qualified to interpret them • anything from which sound, images or writing can be reproduced with or without the aid of

anything else • a map, plan, drawing or photograph.

A public record is any of the following records • A record made for use by, or for a purpose of, Council. • A record received or kept by Council in the exercise of its statutory, administrative or other

public responsibilities or for a related purpose. • A public record includes a copy of a public record and a part of a public record, or a copy of

a part of a public record.

A record received or created by a Councillor is considered a public record when it relates to their responsibilities under the City of Brisbane Act 2010 and is related to the administration of Council's business. Anything created, received or kept in an official capacity as a Councillor is part of Council's public record, for example: • a letter addressed to a Councillor from a constituent relating to Council business • an internal memorandum a Councillor has written to the Chief Executive Officer • a Councillor's diary of Council-related appointments and meetings • posts on social media or any other application about Council-related matters that relate to

responsibilities under the City of Brisbane Act 2010.

Public records may also be created where Council has outsourced business processes to external agencies. Council records generated through these outsourced arrangements are subject to this policy.

Records management means the act of making and keeping evidence and memory of Council business, in the form of recorded information.

Records controls: means controls that relate to the management and status of permanent, high-value and high-risk records: • record creation and capture • record classification • record storage and preservation • record security and access • record retention and disposal.

OUTCOMES

Council will manage information assets through an Information Management Governance Framework.

Council will have electronic and paper-based information assets and records that are well-managed and accessible and handled in a manner compliant with relevant legislation and standards, including confidentiality provisions.

CA19/655899 Printed: 6 May 2021 OFFICIAL Page 2 of 4

Council business systems will incorporate recordkeeping principles, ensuring information contained in business systems is managed by applying records controls, in a manner consistent with legislative and administrative requirements.

Employees will have access to full and accurate Council records and information to assist in fulfilling their work responsibilities, including decision-making.

PRINCIPLES

The following principles underpin information asset management and recordkeeping in Council. Council is working to ensure that these principles are applied to all corporate information assets, systems, records and holdings. • Information is used for the benefit of the community and Council's customers, to further

Council's commercial needs and to integrate with information held by partner agencies. • Council promotes open access to its data, information and records, including the City

Archives, in line with the above noted legislation, and in accordance with Council's Information Security Classification Framework.

• Information is a valued Council asset and must be managed, accessible, discoverable and usable.

• Management and custodianship of information must comply with legal and administrative provisions by applying records controls, including retention and disposal.

• Information is managed to ensure its accuracy and integrity, improve its usefulness, protect Council's intellectual property and limit liability through the application of appropriate quality and security measures.

• Information is collected once only, from the right source, first time. • Information is stored once only in the most appropriate format, subject to practicality and

business requirements. While duplicates may be in use, the principle is to know and use the master source.

• Information is described, classified and indexed consistently across Council using standardised classifications, schemes and codes.

POLICY

The Act requires Council to ensure that "public records are made, managed, kept and, if appropriate, preserved in a useable form for the benefit of present and future generations".

Council will: • manage its information assets as a key strategic resource to support Council's vision and

goals, making them available, as appropriate, to employees, Councillors, customers, residents of the city and the community

• develop and maintain an Enterprise Information Management Strategy to ensure information management directions and initiatives meet business needs

• establish and maintain information governance and custodianship to ensure efficient and effective information management in accordance with legislative and regulatory requirements, including ensuring confidential, sensitive and personal information is accessible only when authorised and is used appropriately

• maintain full and accurate records to the extent necessary to: • facilitate action by employees at any level of Council, and their successors • document decisions and decision-making processes for policies, programs and

service delivery • enable timely and accurate information to be discovered on all relevant Council

matters using consistent search tools and techniques • facilitate audits of the conduct of business by authorised auditors • assist in compliance management for specific types of information • protect the financial, legal, intellectual and other rights of Council, the public and

others affected by Council's actions and decisions • minimise risk to Council • retain records in accordance with Queensland State Archives Retention and

Disposal Schedules • preserve information assets of historical value and significance to Council and the

community for future availability and use as approved by the City Archivist

CA19/655899 Printed: 6 May 2021 OFFICIAL Page 3 of 4

where practical, use electronic systems as the preferred means of creating, using and managing information. Metadata describing the information will be included to enable users to understand its content, potential value and limitations. Paper based records will be produced only when required for business or preservation purposes.

AUTHORITY

Approved Council — 10 February 2009 (First approval) Last reviewed with no amendments —30 June 2015 Approved Council — TBC (Version 2.0 approval)

POLICY OWNER

Chief Information Officer, Information Services, Organisational Services

FURTHER ASSISTANCE

Branch Strategy Governance and Compliance Manager, Information Services, Organisational Services

RELATED INFORMATION

Brisbane Vision 2031 Compliance intranet corporate /CT Strategy Enterprise Information Management (EIM) Strategy and Roadmap (CA17/2621) Secure Handling and Disposal of Information Guide Good Recordkeepinq intranet Information Management Governance in Council Framework Information security intranet Information security labels (classification) intranet Records management intranet Records Manager system intranet HRP040 Code of Conduct AP008 Archives Management Policy ICT22 Information and Communications Technology Policy ICT29 Information Security Labelling and Protection Guideline AP174 Privacy Policy and Privacy intranet ICT24 Recordkeepinq in Brisbane City Council Guideline AP187 Right to Information and Information Privacy Procedure Queensland Government — Overview of recordkeeping for public authorities webpage Queensland Government — Records Governance Policy IS44 Information Asset Custodianship Policy Queensland Recordkeepinq Metadata Standard and Guideline

REVIEW DATE

Due: May 2023 Last reviewed: May 2021

CA19/655899 Printed: 6 May 2021 OFFICIAL Page 4 of 4


Recommended