Security is an increasingly important issue across the Australian Government. When we think of security, we usually think of physical security, or ensuring that unauthorised people do not access government buildings. However, the records that you create and capture are an essential part of your agency’s business and they also need to be kept secure.
The records that are created as part of everyday business will be captured into your agency’s records management system. Regardless of whether that records management system is for paper or electronic records, it will need to keep records secure. This means that once records are captured, they cannot be:
Keeping records secure in your agency may involve a combination of systems and processes to ensure that the above requirements are met. For example, a paper-based system might use a physical storage room that is secured by procedures, such as use of a sign-in sheet, or special keys that only authorised personnel can use. An electronic system might have functionality which allows you to apply caveats to prevent unauthorised access, or the database and terminal may be located in a locked room.
It is important that whatever records management system your agency uses, you make sure that it will keep your agency’s records safe.
For more information on the Commonwealth security needs for records, see the Protective Security Manual issued by the Attorney-General's Department.
If you manage electronic records, the National Archives has information on the security guidelines for these in the Digital Recordkeeping Guidlines. It is also important that you are aware of the provisions of the Australian Government Information Technology Security Manual (ACSI 33).