Council websites are key information sites for ratepayers and are increasingly the sites of much local government business. Because Council business is documented and performed on your website, it is important to make sure that you are making and keeping records of this business.
State Records NSW recognises the challenges of managing vast quantities of records, information and data in the current environment of increased cyber risks and an ever-changing technology landscape.
The minimum compliance requirements 2.2 and 2.3 of the Standard on Records Management direct public offices to strategically focus on high-value and high-risk areas of business. These requirements ensure that:
- records, information and data required as State archives and/or of high-value and high-risk are prioritised, protected and managed
- records and information management is a designed component of the most valuable and critical information and systems
- records and information management strategies and initiatives align with the organisation's critical business priorities
- resources (time, money and staff) invested/allocated are proportionate to the business value of the records, information and data.
This approach to identifying and prioritising records of high-value and high-risk also matches up with the approaches taken by cyber security to protect the most critical information assets of the organisation.
How records and information management techniques and skills can contribute to information security objectives
This advice examines how the work you are already required to do as part of the management of your records management program can be used to meet information security objectives, including compliance with the Australian Standard AS/NZS ISO/IEC 27002:2006 Information Technology – Security Techniques – Code of Practice for Information Security Management.
Under the terms of Part 2 of the State Records Act 1998, public health organisations which are part of the NSW public health system are required to meet standards for records management that are issued by State Records. This page contains guidance that will assist public health organisations to make and keep records appropriately and comply with their obligations under the Act.