Definition
Information asset management refers to the processes and procedures used to create and manage information assets to effectively deliver information, insights, and services to the public at the right time in the right format. Information assets need to be efficiently managed from creation and should be appropriately destroyed once their value has ceased.
Information assets include data, information, and records. These terms are sometimes used interchangeably and their meaning can be context specific. Within the context of this AGA capability, the following definitions have been used:
- Data: Raw letters, numbers, pictures, etc. with or without context
- Information: Data that has meaning/context and adds value for the user
- Records: Information created, received, and maintained as evidence and as an asset, by an entity, as part of business processes.1
In the Australian Government context, any information asset created or maintained by a Commonwealth entity is a record under Section 3 of the Archives Act 1983 (Cth). The Act defines a record as any form of documented information kept because of the information that can be derived from it or its connection with an event, person, circumstance, or thing. Digital information assets may be created2:
- by office applications such as word-processed documents, spreadsheets, presentations, and desktop-published documents
- in online and web-based environments such as intranets, internets, and public websites
- by business information systems such as databases, digital/media asset management systems, geospatial data systems, human resources systems, financial systems, workflow systems, client management systems, and electronic document and records management systems (EDRMS)
- by digital communication systems such as email, SMS (short messaging services), MMS (multimedia messaging services), voicemail, instant messaging, video conferencing and teleconferencing
Data Security, an AGA capability under the cyber security domain, refers to protecting the information collected, processed, and stored on digital and ICT systems and networks. It encompasses protecting both information asset infrastructure, and information assets from unauthorised access, disclosure, alteration, or destruction. This safeguards the confidentiality, integrity, and availability of information assets against various cyber threats and vulnerabilities.
1 Based on the definition of a record in AS ISO 15489 – 1: Information and documentation – Records management, Part 1: Concepts and principles.
2 Types of information | naa.gov.au.
Purpose
Information asset management is a fundamental enabling capability for almost all ICT investments, and is an area heavily tied to legislation due to the potential sensitivity of information retained by Commonwealth entities.
Effective digital information asset management is realised through:
- appropriate creation, description, maintenance, use, preservation, secure storage and disposal of digital data, information, and records
- compliance with regulatory requirements
- consistent application of standards, policies, and procedures across entities
- successful deployment and sustainable scaling of existing and new ICT solutions, supporting digital information assets to serve as strategic assets rather than liabilities.
Objective
The objectives of this Australian Government Architecture (AGA) content are to:
- align and strengthen best practices of information asset management, to contribute to the Australian Government’s data and digital agenda
- ensure that information assets are available as a resource for use and re-use by government and community to achieve government outcomes, drive innovation, increase economic productivity, and enhance social and cultural outcomes
- reduce implementation risk of digital and ICT solutions through the reuse of proven designs within government
- ensure that new information asset management digital and ICT solutions draw efficiency from preceding investments, implementations, and learnings
- foster consistency across entities in technologies, data, and workflow.
Whole-of-Government Applicability
The value and necessity of sound digital information asset management becomes evident as entities expand their digital solutions. Scaling often involves handling larger volumes of information, from diverse sources, and of increased complexity, making it imperative to have organised and well-maintained data repositories.
Reliable digital information asset management supports evidence-based and faster decision-making processes, enhances overall system performance, and facilitates seamless integration with other systems. Further, it contributes to compliance with regulatory requirements, safeguarding against data breaches and addressing privacy concerns. Sound information asset management requires a collaborative approach between records, information and data management teams, digital and ICT areas, and other business areas including legal and compliance sections.
Collaborative partnerships within an entity and across government will lead to good digital information asset management practices, forming the foundation for successful deployment and sustainable scaling of digital and ICT solutions.
Policy Elements
-
Comply with legislation
Establish robust practices that align with all relevant legislation, including (but not limited to) the Data Availability and Transparency (DAT) Act 2022 (Cth), the Archives Act 1983 (Cth), and the Privacy Act 1988 (Cth).
-
Share and collaborate
Prioritise the transparent and collaborative governance of information assets. Align with common data ontologies, release non-sensitive data openly, optimise public data use. Share data with states and territories, partner with the research sector and Aboriginal and Torres Strait Islander people, and implement robust data governance and risk frameworks for responsible information asset management.
-
Appropriately create, manage, retain, and dispose information assets
Implement appropriate creation, management, retention, archiving, and destruction practices. This includes ensuring information assets are created and managed according to their value by way of transparent, responsible, and secure handling of information assets. Stringent data ownership and control conditions should be specified and maintained; and appropriate digital preservation planning undertaken.
-
Align operational and technological needs
Investigate operational and technological needs foremost to build a clear set of functional and non-functional requirements.
-
Adhere to reuse principles
Analyse the current information asset management technology environment against your requirements, identifying gaps and opportunities for reuse. Ensure the ongoing viability of information asset solutions through continual improvement of processes, and features, data, security, technology, skills, and cost.
-
Engage early
Ensure early engagement with the DTA where proposals for solutions involving information asset management either identify that the development of the system/s will be part of future budget rounds, or indicate in their proposal the intention to undertake an investigation which may require an asset management system in the future. The National Archives of Australia (NAA) may also be engaged through its Agency Service Centre.