Identification
Standard: Individual responsibilities
Individuals have a set of responsibilities when creating or maintaining data and documents for an agency. Agencies must define those responsibilities and deliver standards, processes and systems to monitor and support them.
Supports Policies: Data Identification; Document Identification and Capture
Scope and Interpretation
The emphasis in this standard is on individual responsibility, and applies to all media and all contributors whether inside or outside the agency. This includes reference to responsibilities defined outside the agency e.g. the Public Service code of conduct. Examples include:
-
the need to be accurate and honest
-
completeness -ensure all relevant data and documents are identified and captured either directly or by specific delegation
-
using agency conventions and applying quality checks, etc. See Standard: Skills and training.
For standards on processes and systems, see Standards: Integrity of configuration, Integrity of content, Integrity of process, Version control, Document templates.
The Business Custodian is responsible for ensuring standards, processes, systems and a monitoring regime are in place, while individual users are responsible for compliance. Monitoring could include analysis of data element or document content to verify accuracy as well as reviewing individual work practices.
Each system must be designed so that
-
Individuals find it facilitates compliance with business requirements
-
Individuals find it beneficial to enter data or create documents correctly
Rationale
Individual commitment is an essential prerequisite to the success of managing data and business documents in approved stores. Individuals must understand their responsibilities and competently process appropriate data and documents for their own immediate benefit and for that of the agency.
Standard: Discovery implications
When creating, modifying or saving data or documents in any storage medium, staff must know the discovery requirements of external legislation, e.g. the Official Information Act, and court requirements for evidence.
Supports Policies: Document Identification and Capture; Data Identification
Scope and Interpretation
Anyone creating or receiving information for an agency needs to be aware that of the potential for public or private release of information at some point in the future. For example, if combining business information and personal information or inappropriate comment e.g. in a business email, staff must bear in mind that all content will be discoverable as part of the record. Similarly, database notes must be robust enough to stand up to internal and external scrutiny for relevance and accuracy. This standard applies to all media, including paper based material.
The agency is at risk of "vicarious liability" for the actions of individuals unless it can demonstrate that there is nothing the employer could have done. Data or documents created by the individual can lead to corporate liability, even where the individual perceives the record as personal.
Each agency will need to focus not only on keeping data and documents, but also on timely destruction when retention periods expire. See Standards: Retention Requirements, Destruction Protocols.
Management has a responsibility to train staff to understand the implications of relevant legislation on data or documents they use and create, and to monitor compliance. Staff must be directed to internal or government codes of conduct and specific policies e.g. for Email use.
Rationale
Information in any medium can be sought by the courts or under the Official Information Act. There is a need to have a quality record of a business transaction.
Agencies can minimise their vicarious liability by ensuring the appropriateness of what is captured.
At present most requests from outside an agency are for physical documents. Electronic data and documents, including casual emails, can be used as evidence.
Individuals have a responsibility to record information appropriately. See Standards: Individual responsibilities, Integrity of process, Skills and training. For standards on destruction, see Standards: Retention requirements, Destruction Protocols.
Standard: Data catalogue and function map
The data catalogue and function map for each agency will be in an electronic format consistent with government metadata standards and applicable international standards.
Supports Policies: Data Identification
Scope and Interpretation
The data catalogue will list both individual data elements and the containing data stores or datasets held as a prime source by the agency. In addition, high level business functions must be identified and mapped to the main data stores that support them. Over time standard terminology across government for common administrative functions can be established. The catalogue must be published in a common electronic format to be determined by the Crown Data Steward. This is likely to be compatible with either standard ANSI Z39.50 " Information retrieval application service definition...for open systems interconnection", or the Lightweight Directory Access Protocol (LDAP) standard.
The catalogue content is designed to identify and briefly describe data and document assets to users within an agency and to external users where appropriate. It is not intended to make content available other than that of the metadata elements described below. It is not intended as a tool to support system design or maintenance, although the content of the catalogue may be largely derived from tools that define database schemas or system models. The following tables illustrate the minimum useful content.
|
Data store or dataset metadata |
Mandatory |
Dublin Core equivalent |
ISO/IEC 11179-3 |
|
Object type - e.g. Oracle database, SAS dataset etc. |
Yes |
Object type |
N/A |
|
Controlling agency/Business Custodian |
Yes |
Publisher |
N/A |
|
Physical format in which data can be made available |
If applicable |
Form |
N/A |
|
Identifier |
Yes |
Identifier |
N/A |
|
Name |
Yes |
Title |
N/A |
|
Content description |
Yes |
Description |
N/A |
|
High level business functions supported |
Yes |
N/A |
N/A |
|
Relationships to other stores or datasets |
Yes |
Relation |
N/A |
|
Copyright or ownership statement |
If applicable |
Rights management |
N/A |
|
Sources if derived or replicated from other prime data sources |
If applicable |
Source |
N/A |
|
Date of last update and/or version- for datasets maintained at set intervals |
If applicable |
Date |
N/A |
|
Spatial location or time periods covered by the data in the store or dataset |
If applicable |
Coverage |
N/A |
|
Reasons for collection of data e.g. reference to legislation |
Yes |
N/A |
N/A |
|
Data element or container metadata |
Mandatory |
Dublin Core base equivalent |
ISO/IEC 11179-3 |
|
Object type - e.g. Oracle column |
Yes |
Object type |
N/A |
|
Controlling agency/Business Custodian |
Yes |
Publisher |
Responsible organisation |
|
Physical format of the data element - size, data type etc. |
Yes - minimum requirement: data type, max size, valid values (if needed) |
Form |
Category Form Data type Max size Min size Layout Valid values |
|
Identifier |
Yes |
Identifier |
Identifier |
|
Name |
Yes |
Title |
Name |
|
Content description in business terms |
Yes |
Description |
Definition |
|
Subject Key words |
Optional |
Subject |
Key words |
|
Synonym names |
Optional |
N/A |
Synonyms |
|
Version |
Optional |
N/A |
Version |
|
Relationships to other data elements, container objects |
Yes if applicable |
Relation |
Related data reference Type of relationship |
|
Primary source data store or dataset |
Yes |
Source |
Context |
Rationale
The catalogue allows the agency to define its prime authoritative data sources both to staff and to authorised external agencies. Over time this will reduce duplication and improve data usage. The Crown Data Steward will use agency catalogues to create a high-level government wide catalogue.
While a variety of tools may be used to produce catalogues as appropriate to each agency, a common publishing format ensures simple and cost effective information sharing.
Standard: Process maps
For each of its functions, each agency will have a process map to determine where data and business documents are captured or created, and how these processes relate to any statutory or business requirements.
Supports Policies: Document Identification and Capture, Data Identification
Scope and Interpretation
Detailed process analysis is always required when developing a database system to ensure it will operate effectively within the organisation. This is part of the cost of developing an information system.
Some agencies have detailed and elaborate legacy processes for handling paper documents, so that the responsibilities for creating and filing material are clear. Mostly these processes have not been translated for use with electronic documents as a paper copy is still often considered to be the "file" copy.
With the virtual universal use of electronic documents in offices it is now becoming essential to apply discipline to both document creation and to the process of managing the resulting document stores. To do this effectively managers and staff must understand the relationships between document creation and document management, and act to ensure consistent results across all storage media. See also standard Individual responsibility
Examination of processes could be done on a "Pareto" basis, where the agency determines where to put its best effort to maximise returns. This may involve identification of key functions, cross agency processes and agency/private organisation processes. It is also important to determine where and when new versions of data or documents are created (see also Standards: Version control)
Many processes are generic across agencies and there are potential benefits from agencies collaborating to map them.
Rationale
Process mapping assists the organisation to know where its data and business documents are being created and how they are being managed. It also improves "buy in" from staff, since the focus is on statutory or business needs. Process mapping also reduces risk of important information never being captured, or of being handled inappropriately, and increases transparency and assists in audit.
[ Previous | Next ]
