Skip links and keyboard navigation

Records governance policy

Document type:
Policy
Version:
Final v1.0.2
Status:
CurrentMandated
Owner:
QGCDG (Queensland State Archives)
Effective:
April 2019–current
Security classification:
OFFICIAL-Public
Category:
Information

Final | April 2019 | v1.0.2 | OFFICIAL - Public| QGCDG (Queensland State Archives)

Purpose

This policy sets out the foundational principles of recordkeeping for Queensland Government agencies and public authorities to meet minimum recordkeeping requirements now and into the future. The aim is to lift records management capability within all Queensland public authorities and enable them to establish their own fit-for-purpose records and information governance practices.

Policy statement

The Queensland Government values records as enablers and evidence of business activity and will systematically manage records in an accountable and transparent manner.

Policy objectives

The aim of this policy is to enable agencies and public authorities to:

  • provide a strong foundation for systematically and effectively managing complete and reliable records and information
  • ensure that those records that are most important are actively managed and preserved
  • increase the discoverability and accessibility of records and information
  • empower agencies to establish their own fit-for-purpose records and information governance practices
  • apply a phased implementation approach focusing on increasing records management capability and maturity.

Applicability

This policy is issued on the authority of the State Archivist under s.25 (1)(f) of the Public Records Act 2002.

This policy applies to public authorities as defined in the Public Records Act 2002.

Where this policy references agencies, this means all public authorities as defined by the Public Records Act 2002.

Policy requirements

Policy requirement 1: Agencies must ensure records management is supported at all levels of the business

Agencies must ensure records management is everyone's responsibility. This means it must be supported across all areas and all levels of the business by:

  • assigning formal records management responsibilities to key roles within the business to monitor and support the active implementation of this policy
  • providing appropriate advice and guidance to ensure the business is aware of the value of records and information and how this relates to their obligations and responsibilities as an employee
  • fostering a positive, innovative and collaborative recordkeeping culture.

Policy requirement 2: Agencies must systematically manage records using governance practices that are integrated and consistent with broader agency frameworks

Consistent and aligned governance practices provide a strong foundation for systematically managing records and information across all functions of an agency. Records governance must work within the agency's existing structure and governance and strengthen the agency's strategic goals and functions.

Agencies must systematically manage records and information by:

  • ensuring records and information governance is aligned with broader agency frameworks and incorporated in business strategies and objectives
  • developing and implementing appropriate and fit-for-purpose documentation that details how active records management will strengthen agency business imperatives and strategic goals
  • complying with relevant legislation that governs recordkeeping requirements
  • measuring how well records governance is supporting agency business imperatives and strategic goals.

Policy requirement 3: Agencies must create complete and reliable records

Complete and reliable records provide evidence of activities of the agency and allow the business to operate effectively. Agencies must ensure complete and reliable records are created and retained as appropriate by:

  • identifying all the records that allow the business to operate these provide evidence of decisions, support accountability and transparency, mitigate risk, help the agency meet legislative requirements and reflect the business of the agency
  • specifying how these records must be created, when they must be created, the format they must be created in, who must create them and implementing security and preservation requirements associated with those records
  • integrating record creation into existing business processes
  • ensuring recordkeeping is considered when decisions are made about business systems (particularly decisions around migration and end of life).

Policy requirement 4: Agencies must actively manage permanent, high-value and high-risk records and information as a priority

Permanent records are those with a permanent retention period. High value records are those that are important to the business, its operations, or stakeholders. High-risk records are those that pose a significant risk to the agency if they were misused, lost, damaged or deleted prematurely. These records should have the highest priority for agencies when developing and implementing their governance practices. Agencies must actively manage permanent, high-value and high-risk records by:

  • defining the criteria and processes for identifying permanent, high-value and high-risk records, including transfer of permanent value records to QSA
  • formally documenting details of permanent, high-value and high-risk records
  • actively maintaining visibility of these records while they are being used, including monitoring processes for permanent, high-value and high-risk records held in business systems and applications.

Policy requirement 5: Agencies must make records discoverable and accessible for use and re-use

Discoverable records are those that are in business systems and applications approved for use by the agency. Accessible records are those that can be located and continuously used. Agencies must ensure complete and reliable records are discoverable, accessible and are able to be used and re-used for their entire life by:

  • keeping records in business systems and applications approved for use by the agency
  • being able to discover and appropriately access records, with confidence in sufficiency of search
  • actively monitoring the health of records.

Policy requirement 6: Agencies must dispose of records in a planned and authorised way

Agencies must plan for how and when they will dispose of records, using a risk based approach. Records must be disposed of in a planned and authorised way by:

  • using the disposal authorities issued by the State Archivist, that provide proper coverage of the specific records you create and keep.
  • developing and implementing a disposal plan, which details disposal decisions and actions for the agency. The plan must, at a minimum, cover:
    • disposal endorsement, including how internal endorsement is given
    • disposal methods, including how records will be disposed of (physical and digital)
    • disposal frequency, including specifying how often certain types of records will be disposed of.
  • formally documenting the disposal of records.

Recordkeeping implementation advice

This policy should be read in conjunction with the Records governance implementation guideline and the Recordkeeping maturity assessment tool.

Issue and review

Version: 1.0.2
Issue date: 6 June 2018 (minor update 30 April 2019 and 9 April 2020)
Next review date: June 2020

This policy is published within the QGEA which is administered by the Queensland Government Customer and Digital Group. This policy was developed by the Queensland State Archives and is approved by the Queensland State Archivist and the Queensland Government Chief Information Officer.

Implementation

This policy comes into effect from the issue date.

Related QGEA documents