2015 - 2017 Audit Program: Introduction. Our role Located within the Tasmanian Archives and Heritage Office (TAHO), the Government Recordkeeping team.

Slides:

Advertisements

Similar presentations

Organizational Governance

Advertisements

(Individuals with Disabilities Education Improvement Act) and

Smarter Information Management Presenter: Dianne Macaskill Chief Executive Archives New Zealand.

Data Quality Considerations

Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.

Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.

Health Records Management Practitioner

Identification and Disposition of Official University Records University of Texas at Arlington Records Management.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

STRATEGIC PLANNING FOR Post-Clearance Audit (PCA)

1 Auditing in the Public Interest Records Management in the Victorian Public Sector Audit objective Audit had two objectives : The first objective was.

Standard on records management Catherine Robinson Senior Project Officer, Government Recordkeeping Records Managers Forum, 26 November.

Introduction to Guideline 25 – Managing Information Risk Samara McIlroy, Consultant, Government Recordkeeping

By Collin Smith COBIT Introduction By Collin Smith

Developing a Records & Information Retention & Disposition Program:

Introduction & Background Laurene Christensen National Center on Educational Outcomes National Center on Educational Outcomes (NCEO)

Office of Inspector General (OIG) Internal Audit

© The Association of Independent Schools of NSW Preparing for the ASQA Audit.

Quality Representative Training Version

Practice management – Risk Management for in-house lawyers Shari Emen Director, PwC.

Preparing Scotland’s first Records Management Plan Ava Wieclawska Records Manager.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Power Pack Click to begin. Click to advance Congratulations! The RtI process has just become much easier. This team member notebook contains all the information.

Conducting the IT Audit

Guidelines 4-6 Developing a file plan for government agencies Tuvalu Government Filing Manual Funafuti, Tuvalu June 2013 There are three guidelines in.

REVIEW AND QUALITY CONTROL

Internal Auditing and Outsourcing

COBIT®. COBIT - Control Objectives for Information and related Technology C OBI T was initially created by the Information Systems Audit & Control Foundation.

Managing your web records Patrick Power Manager, Government Recordkeeping Programme Archives New Zealand.

Minnesota’s Internal Control Initiative National Association of State Comptrollers March 25, 2011 Speaker Jeanine Kuwik, MBA, CPA, CISA Director of Internal.

G17: Recordkeeping for Business Activities Carried out by Contractors Patrick Power, Manager Government Recordkeeping Programme Archives New Zealand.

Basics of OHSAS Occupational Health & Safety Management System

Records Managers’ Forum 28 February Draft standard on the appraisal and disposal of State records Catherine Robinson Senior Project Officer, Government.

Legacy Records Programme Programme Launch Government Recordkeeping Forum 3/9/2008 Tom Norcliffe, Acting Manager Appraisal.

Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.

Roles and Responsibilities

Chapter 3 資訊安全管理系統. 4.1 General Requirements Develop, implement, maintain and continually improve a documented ISMS Process based on PDCA.

Recordkeeping for Councillors

Records Management and the Center for Folklife and Cultural Heritage Presented by Jennifer Wright Smithsonian Institution Archives Records Management Team.

Risk Management NDS Forum June 23 rd Example safety objective Objective 1: To protect the health, safety & welfare of employees and people at our.

Digital Continuity - Recordkeeping Forum Sep 2009 Digital Continuity: Launching into Action! Evelyn Wareham Programme Manager, Digital Continuity.

Guide - Recordkeeping for business activities carried out by contractors Natalie Dewson Senior Advisor Government Recordkeeping Programme Archives New.

Legacy Records Programme Update on the Legacy Records Programme Auckland Government Recordkeeping Forum 17/11/2009 Cheryl Pointon, Acting Manager Appraisal.

The Government Recordkeeping Survey 2008 Natalie Dewson, Senior Advisor, Government Recordkeeping Programme, Archives New Zealand.

Recordkeeping for Good Governance Toolkit Workshop PARBICA 14 Evidence and Memory in the Digital Age.

Records and the Law Jan Liebaers Cayman Islands National Archive.

Managing Records: Good government, Better business. FOI Presentations to Boards & Committees Cayman Islands National Archive November 2008.

PUBLIC–PRIVATE PARTNERSHIP (PPP) FRAMEWORK AND GUIDELINES Syed M. Ali Zaidi, P.Eng. PM(Stanford), Ph.D. Director, Strategic Partnerships Alberta Infrastructure.

Consultant Advance Research Team. Outline UNDERSTANDING M&E DATA NEEDS PEOPLE, PARTNERSHIP AND PLANNING 1.Organizational structures with HIV M&E functions.

SCHOOLS FINANCE OFFICERS MEETINGS Records Management, “Paper-Lite” Environments and Procedures when a school closes Elizabeth Barber.

Evaluate Phase Pertemuan Matakuliah: A0774/Information Technology Capital Budgeting Tahun: 2009.

Assessment Validation. MORE THAN YOU IMAGINE ASQA (Australian Skills Quality Authority) New National Regulator ASQA as of 1 July, 2011.

Surveying and Scheduling Records of OCIO Presented by Jennifer Wright Smithsonian Institution Archives Records Management Team February 16, 2005.

University Retention Schedule Training. Introduction to the University Retention Schedule.

Leadership Guide for Strategic Information Management Leadership Guide for Strategic Information Management for State DOTs NCHRP Project Information.

Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.

Federal Information Security Management Act (F.I.S.M.A.) [ Justin Killian ]

Click to edit Master text styles IM Maturity Assessment – An introduction to the Audit Government Information Strategy Unit (GISU) Tasmanian Archive +

Agency Briefing - Overview

Recordkeeping Standards Kathryn Dan, with acknowledgements to Kye O’Donnell, Public Record Office Victoria.

FRAME: Framework for Risk Assessment Management and Evaluation IAFMHS – Barcelona 2011 Mark McSherry Head of Development Heather Irving Standards and Guidance.

LRC Network Planning for Records Management improvement Kathryn Dan, GM University Records and Policy.

What is ISO Certification? Information is a valuable asset that can make or break your business. When properly managed it allows you to operate.

What standards, relevant to me, are there? Barbara Reed Chair, Standards Australia IT 21 Committee on Records and Document Management Systems.

Accountability & Structured Privacy Management

Internal Control Principles

Introducing ICA-Requirements Module 3: Functional Requirements for Records in Business Systems

Anna Preston Vance, HA of Paris

RECORDS AND INFORMATION

Presentation transcript:

Audit Program: Introduction

Our role Located within the Tasmanian Archives and Heritage Office (TAHO), the Government Recordkeeping team (GRK), provides a framework of legislation, guidelines, training and advice about creating, managing, and disposing of State records to support Tasmanian state and local government, government owned businesses and other agencies. The GRK team is also tasked with the important role of selecting and transferring the right records into Tasmania’s archival collection.

Our Guidelines The Archives Act 1983 provides the legislative background and provisions for us to issue Guidelines for the management of State records. Guidelines are a defined set of Standards for recommended practice. Agencies have a duty to take all reasonable steps to ensure that they comply with our Guidelines. Guidelines are published on our website: eadvice eadvice

Making proper records Section 10 of the Archives Act 1983 covers the making and keeping of State records. This section of the Act stipulates that proper records of the business of all government agencies must be made and kept, and their accessibility maintained until they are covered through other provisions of the Act. First issued in 2005, Guideline 1 – Making Proper Records provided information about agency obligations flowing from this requirement in the Act. By 2014, Guideline 1 was in need of an update. We decided it should provide more practical guidance for agencies transitioning to a digital business environment.

Guideline 1 – Records Management Principles The updated Guideline: Supports a strategic approach to records management as agencies transition to a digital business environment Introduces some key new concepts (information governance and information risk) Promotes a culture where agencies value their corporate information as a business asset Covers records that are outside ‘traditional’ recordkeeping systems Aligns with whole of government policies such as information security

Evidence-based Audits During 2015, the GRK team will commence audits of the recordkeeping function in agencies. These audits will be evidence- based. The audit framework is built around Guideline 1 - Records Management Principles, and the results are intended to provide us with a baseline measurement of Tasmanian Government recordkeeping maturity. The evidence checklist from Guideline 1- Records Management Principles will be used for this audit. This checklist describes what kind of evidence your agency should submit to us for assessment.

Notify and schedule audit Evidence submitted Evidence Review Onsite Audit Agency compliance assessed Audit Reports issued Follow-up as required Agency Action Plan The audit process

WhoWhat GRKNotify agency of intention to audit, and schedule audit AgencyEvidence sent to GRK GRKReview of submitted evidence GRKAudit conducted GRKScores reviewed GRKAudit Report sent to agency GRKFollow-up meeting to discuss findings, if requested AgencyAction Plan submitted by agency

Benefits for agencies Tailored recommendations to improve information management Targeted report to inform your Records Management Program (for example, development of an Operational Plan or support for a business case) Identification of your top information risks Recommendations that, if implemented, will support improved service delivery and assistance in meeting legislative requirements Assistance in developing an action plan and timeline for compliance with the Archives Act 1983

Benefits for us Allow us to systematically gather comprehensive information on recordkeeping practices and the major information risks facing Tasmanian government more broadly Develop a more strategic approach to our service delivery Improve awareness, understanding and use of our guidelines, advice, training and other services Develop specific measures to assist agencies to consistently and effectively address recordkeeping compliance Establish feedback mechanisms that assist us to determine if we are using our resources cost-effectively

Audit misconceptions The audit only looks at hardcopy records The audit covers records in all formats, locations and systems. We are going to fail because we don’t have a Records Management Unit A small agency may have an assigned officer and a Records Management Program, but not necessarily a Records Management Unit. The audits don’t cover my special kinds of records Records of the business activities of all government agencies are covered. We would need to know more about your records before we could exclude them from the audit. We are going to fail because we don’t have an EDRMS Systems which hold records can be either in an electronic or paper form, and may include business systems. We will fail because we can’t provide all of the evidence on the checklist There is no pass or fail, the audit scores each agency according to defined maturity levels.

If you would like more information about the audit process, contact the GRK Unit: or If you would like more information about the audit process, contact the GRK Unit: or More information