logo
 admin@acumenti.com.au
+61 432 662 733
    social googlesocial twittersocial linkedinsocial facebook
  • Home
  • Articles & Resources
  • Software Suppliers be Aware: New Functionality Required in Software for Australian Government Agencies

Software Suppliers be Aware: New Functionality Required in Software for Australian Government Agencies

Rec Mgt FunctionalityAll business systems deployed in or for Australian Government agencies must include a base level of functionality to support records management after December 2016. National Archives of Australia (NAA) have set timelines for all Australian Government agencies to assess and take action for all business systems to ensure they:
  • Meet the minimum metadata standards
  • Meet the functional requirements for information management
Existing systems have until December 2020 to achieve this. All new systems procured or deployed after December 2016 must meet this.

Software suppliers, whether supplying the software as a product or a service, will have to address a number of challenges.

Inclusion of record keeping metadata

Any software system that holds business records must include basic metadata such as:
  • Unique record identifier
  • UserID and timestamp for record creation and modification
  • Protective marking (security classification) for each record
  • Disposal class (a class identifier that relates to retention periods) for each record
  • Additional metadata to allow the calculation of disposal date from the disposal class

Implementation of disposal functionality

A business system may include capability to dispose of records - delete records in a controlled, authorised and auditable manner.

If implemented, that implies the ability to appropriately delete one or more records that have met the requirements of their disposal class. The disposal must:
  • Only occur after an appropriately authorised officer has approved it. This usually takes the form of an approval workflow.
  • Delete all record content that could conceivably be used to reconstruct the record, including audit log entries
  • Meet the security requirements for disposal of records according to their security classification
  • Retain a subset of the metadata to show that a record existed
  • Record additional metadata about the disposal
In addition the system must be able to produce reports on disposals as required.

Keeping records

A record is not just the content of the business transaction. It is also the metadata about the business transaction including all of the associated audit log entries. In some cases it may also include details about every user that viewed the record.

All of this content must be retained from record creation to disposal.

If disposal functionality is not implemented in the system this means that all of that data, including the audit logs, must be retained for the life of the system.

Trusted records

The records and their associated metadata must be able to be trusted. That means the system must implement security controls to prevent unauthorised access and to ensure that only authorised changes can be made to the content of the records and that metadata relating to creation, access and modification of records cannot be modified or deleted.

Export of records

During the life of the system or at the end of life of the system there will be a requirement to be able to export records for the system for long-term archival purposes or for transfer to another system.

This export capability must be such that it:
  • Exports an entire record
  • Includes the metadata
  • Is in a format that can be readily imported or consumed
  • Records its own metadata about exports that have been executed

Reporting

Functionality is required to allow reporting of record management activities that have occurred throughout the life of the system. As a minimum this includes reporting on the disposals that have occurred and the exports that have been executed.

Is your software ready?

All software vendors who currently or intend to supply business systems to Australian Government agencies will have to make these assessments and potentially make some changes to deliver the functionality.

Now is the time to ask yourself, are you ready?

This email address is being protected from spambots. You need JavaScript enabled to view it. for help understanding what changes you might need to make.

Print Email