Download presentation
Presentation is loading. Please wait.
Published byWilfrid Oliver Modified over 8 years ago
1
Click to edit Master text styles IM Maturity Assessment – An introduction to the Audit Government Information Strategy Unit (GISU) Tasmanian Archive + Heritage Office
2
Click to edit Master text styles Why the audit? Digital transformation has given way to digital disruption, as social media, cloud and the rapid evolution of emerging technologies change the face of information creation, capture, sharing, and collaboration. The consumerisation of IT has transformed the way our communities expect to interact with information, and access government services. Increasing pressure is being placed on service delivery, collaboration and communication channels by increasingly technologically sophisticated individuals, and tools. Exponential growth of information, and emerging technologies have made the control and governance of agency information more complex. Agencies may be feeling overwhelmed by the size of the perceived task, and under-equipped in terms of skills and capability to meet modern information challenges. Whilst government is busy trying to keep up, the business value of information being stored and shared via these new systems is typically unknown and unmanaged, opportunities are missed, process inefficiencies abound, and risk is increasing.
3
Click to edit Master text styles The information agenda 1 Open Data information portal for government datasets and increased community collaboration http://www.egovernment.tas.gov.au/stats_matter/open_data/tasmanian_g overnment_open_data_policy 2 Shared systems for internal business efficiencies, analytics, and information portability, e.g. Empower, EDI 3 Integrated information exchange in response to community expectation, e.g. “Safe Families Tasmania” http://www.dpac.tas.gov.au/safehomessafefamilies 4 Shared systems to support digital service delivery, e.g. iPlan http://www.iplan.tas.gov.au/Pages/XC.Home/Home.aspx 5 Tasmanian Cloud initiative (Networking Tasmania III) http://www.tmd.tas.gov.au/__data/assets/pdf_file/0004/266584/T asmanian_Cloud_NT_III_Information_Sheet.pdf
4
Click to edit Master text styles A need for incremental improvement The revision of Guideline 1 Records Management Principles, and the introduction of the information maturity assessment is intended to: Support a strategic approach to records management as agencies transition to digital business Introduce new key concepts (information governance and information risk) Promote a culture where agencies value their corporate information as a strategic business asset Cover records and information outside of ‘traditional’ recordkeeping systems Align with whole of government policies such as information security Progress foundational IM practice and governance, in order to support collaboration and government information initiatives Ensure agencies commence working towards a defined ‘minimum standard’ for RIM
5
Click to edit Master text styles The audit – a key piece of the puzzle Key to understanding the agency information environment and identifying ‘current state’ issues and risk exposure, includes: conducting an information maturity assessment building an inventory of information assets assessing existing organisational resources and skills These are fundamental steps for any business undergoing digital transformation, and developing Information Governance capability. Agencies may be under-resourced, or lacking the in-house capability to undertake environmental assessments unassisted. The introduction of the audit, together with the provision of an information maturity assessment and recommendations, is seen as a key support function GISU can provide to government agencies. It also provides an opportunity to derive insight that will allow us to continue to support each agency with targeted advice, specific to individual circumstances.
6
Click to edit Master text styles The audit process Notify & schedule audit Evidence submitted Evidence Review Onsite interview & inspections Results assessed & report compiled Audit Report presentation to agency Agency Action Plan Follow up and progress monitoring WhoWhat GISUNotify agency of intention to audit, and commence scheduling AgencyCollate and submit evidence requested to GISU GISUReview of submitted evidence GISUConduct audit interview and site inspections GISUResults reviewed and report compiled GISUAudit report presented to agency identifying key recommendations AgencyAction plan developed and submitted to GISU GISUSupport and progress monitoring
7
Click to edit Master text styles The evidence checklist The evidence checklist is sent to the agency with the initial ‘notification’ email, outlining the audit process. A nominated officer should complete the evidence checklist, indicating where the agency has developed tools. Room for comments is provided. Copies of agency documentation, ‘screen dumps’ etc, should be submitted back to GISU along with the completed checklist by the due date specified. Review of these materials helps to inform the subsequent audit interview. Please note: there is NO requirement for the agency to retrospectively create tools in order to attempt to ‘fill gaps’ prior to interview agencies are not expected to have ALL of the examples listed (you may not have any!) agencies may have other documents (not specifically listed) that serve the same (or similar) purpose. These should be indicated where relevant on the checklist and supplied as evidence.
8
Click to edit Master text styles The audit interview A GISU audit officer will attend the agency to interview key personnel. Where possible, this should include the most senior officer with RIM accountability (CIO, GM, Manager – Corporate Services, etc) as well as specialist RIM staff. Where agencies operate out of multiple sites, and do not have a centralised RIM function, representatives from each site should be in attendance, either in person, or via video/phone link. The agency’s current (last 12 months) Register of Records Destroyed will be required to be produced for inspection during the interview process. The GISU audit officer will also need to undertake inspection of physical storage areas managed by the agency (either on site or offsite secondary storage), and complete an inspection checklist. Note this may require appropriate transport arrangements to be made in advance.
9
Click to edit Master text styles The key recommendations Whilst the audit report will also provide detailed findings, we have deliberately limited the key recommendations for each agency to three. This is to ensure adequate time is available between audit cycles to implement each of these improvements effectively. The key recommendations, once implemented, will support improved service delivery by providing the agency with foundational information management practice. Implementing robust building blocks will further support an information framework that promotes innovation and collaboration, and improves risk identification/management, legislative compliance and business efficiency.
10
Click to edit Master text styles The action plan In order to confirm the agency’s commitment to the incremental improvement of RIM practice, and progress the key recommendations, a template for an Agency Action plan has been developed for use The Action plan should specifically address each of the key recommendations in turn, and allocate each action with a timetable and responsible agency officer. Submission of the agency’s endorsed Action plan to GISU will enable us to provide appropriate guidance and support to the agency personnel working on action items, and monitor agency progress. Additional resources are available via the GISU website, including templates and guideline/advices, to support agencies actioning key recommendations.
11
Click to edit Master text styles Summary of audit requirements An evidence checklist will require completion and submission, along with copies of existing records & information management related policy, procedures, plans and other tools, currently in use. Where an agency has multiple sites that are not managed by a centralised records unit, a representative of each site needs to be in attendance. This may be arranged via video/phone link. Inspections of storage facilities for physical records maintained by the agency must be undertaken, so transport arrangements may be required (where storage is located offsite). Results will be presented to senior executive, in addition to the provision of a detailed report. Three key recommendations will be identified for agency implementation between audit cycles. An endorsed action plan in response to the audit’s key recommendations should be submitted to GISU post-audit
12
Click to edit Master text styles Need some advice? Contact details: Allegra Huxtable – Manager GISU Level 4, 91 Murray Street Hobart TAS 7000 e: Allegra.Huxtable@education.tas.gov.auAllegra.Huxtable@education.tas.gov.au p: 03 6165 5580
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.