NSW Office of Finance & Services Strategic Policy Level 23W, McKell Building 2-24 Rawson Place Sydney NSW 2000 T 02 9372 8132 TTY 1300 301 181 www.finance.nsw.gov.au

Guidelines for agencies using the

Information Asset Register

Friday 20 March 2015

i

Table of Contents

OVERVIEW 1

ABOUT THIS DOCUMENT 1

ABOUT THE INFORMATION ASSET REGISTER 1

THE IM FRAMEWORK AND DATA AND INFORMATION CUSTODIANSHIP POLICY

2

THE INFORMATION MANAGEMENT FRAMEWORK 2

DFS C2013-3 DATA AND INFORMATION CUSTODIANSHIP POLICY 2

CUSTODIAN AGENCY RESPONSIBILITIES 4

INFORMATION ASSET CUSTODIANSHIP AND RESPONSIBILITY FOR DATASET INFORMATION 4

FILE STORAGE 4

DATA QUALITY STATEMENTS AND OTHER ADDITIONAL INFORMATION 4

AGENCY USER ACCOUNTS 5

WHO CAN CREATE AN ACCOUNT? 5

AGENCY ACCOUNT CREATION 5

USER PERMISSION MODEL 6

METADATA REQUIREMENTS 7

IAR METADATA FIELDS 8

INFORMATION SOURCES 9

METADATA RESOURCES 9

SENSITIVE INFORMATION 10

SENSITIVE INFORMATION 10

ii

DFS C2013-5 INFORMATION CLASSIFICATION AND LABELLING GUIDELINES 10

HOW TO UPLOAD METADATA 11

HOW TO MODIFY EXISTING METADATA 13

LIST OF APPENDICES 14

ATTACHMENT A – DATA QUALITY STATEMENTS 15

ATTACHMENT B – TERMS AND CONDITIONS FOR USE OF THE IAR 18

ATTACHMENT C – APAIS HIGH LEVEL THESAURUS 22

ATTACHMENT D – DCMI TYPE VOCABULARY 23

ATTACHMENT E - CONTACT AND FURTHER INFORMATION 25

DOCUMENT CONTROL 26

1

Overview

About this Document

This document describes the procedures for using the Information Asset Register and

the roles and responsibilities of the agency that created and/or is the custodian of the

information assets.

About the Information Asset Register

The Information Asset Register (IAR) provides searchable metadata and contact

details for a list of core-value information assets held by NSW government agencies, in

order to facilitate their sharing between agencies.

Core-value information assets are those that have one or more of the following

characteristics, in that they are:

Best aligned to NSW Government strategic objectives

Central for the progression and development of the State

Required for frequent use and re-use across Government in support of various functions and services

The IAR does not host data nor does it point directly to information assets. It holds

metadata that describes what the information asset is, and who to contact for access.

The information described in the metadata on the IAR is more sensitive than that held

in the Data.NSW open data portal. For this reason, you must be a designated NSW

Government employee in order to access the IAR.

Metadata contained in the IAR and any information from the datasets listed is not for

public release without the express permission of its custodians.

It is the responsibility of agency representatives to upload and maintain currency of

metadata. Agency representatives can obtain a login that will provide access to the

IAR. There are metadata requirements which agencies must adhere to. These are set

out on page 7.

Agencies using the IAR will abide by Terms and Conditions of use of the IAR, as

specified in Attachment A.

2

The IM Framework and Data and Information

Custodianship Policy

The Information Management Framework

A key initiative of the NSW Government ICT Strategy is the development of an

Information Management Framework (the IM Framework) to support the way

government administers and uses data and information.

The Framework is a coherent set of standards, policies, guidelines and procedures

which are implemented either manually or, where possible, automated through

technology. This allows data and other information assets to be managed in a secure,

structured and consistent manner.

It ensures that data and information can be appropriately shared or re-used by

agencies, individual public sector staff, the community or industry for better services,

improved performance management and a more productive public sector.

The development of a directory of key information assets that can be shared across

agencies is an action under the 2014-2015 update to the NSW ICT Strategy, Digital +.

DFS C2013-3 Data and Information Custodianship Policy

The NSW Government Data and Information Custodianship Policy establishes a set of

principles for managing core-value government data and information assets.

The policy requires the identification of custodians for core-value datasets.

Core-value datasets are those defined by agencies as best aligned to the NSW

Government’s strategic objectives; or central for the progression and development of

the state; or required for frequent use and re-use across government in support of

various functions and services.

The information asset register supports the objectives of the Data and Information

Custodianship Policy.

Custodians are responsible for maintaining custodianship records of core value

datasets.

3

A circular on the NSW Government Data and Information Custodianship Policy may be

downloaded here: http://www.finance.nsw.gov.au/content/dfs-c2013-3-data-and-

information-custodianship-policy

4

Custodian Agency Responsibilities

Information asset custodianship and responsibility for dataset information

Agencies maintain responsibility for the metadata they have provided. Agencies have

the ability to modify metadata for files corresponding to their jurisdiction/area and are

encouraged to correct oversights or previous inaccuracies. Data custodianship remains

with the publishing agency, as described in the NSW Data and Information

Custodianship Policy.

File storage

Custodian agencies are responsible for the storage of datasets for which metadata has

been provided. The IAR does not store data, but provides metadata about information

assets held by NSW Government agencies. The IAR is not responsible for the storage

or availability of datasets for which metadata is provided.

Data quality statements and other additional information

Data quality statements or other additional information about a dataset agencies may

wish to provide can be uploaded as a data resource within the metadata.

To prepare a data quality statement, it is recommended that agencies refer to the NSW

Government Standard for Data Quality Reporting. Attachment A offers guidance for

preparing a Data Quality Statement.

Identifying Information Assets

An information asset is a body of information, defined and managed as a single unit so

it can be understood, shared, protected and exploited effectively.

Information asset can describe resources individually or at an aggregate level. They

include individual datasets and files as well as information processing infrastructure

such as databases, data hubs and other systems and platforms. Agencies should

identify resources of core-value for inclusion on the IAR.

5

Agency User Accounts

Agencies play an active role in uploading metadata to the IAR. Agency representatives

can view, upload and edit metadata entries on the platform, depending on their level of

access.

Who Can Create an Account?

The IAR is intended for all NSW Government principal departments, agencies and

state owned corporations.

Agency Account Creation

To request an IAR account:

1. Carefully read the IAR Terms of Use (Attachment A) and Guidelines for Using

IAR in their entirety.

2. Determine what level of user access you require. See page 7 for user

permission model.

3. Fill out the online form at the IAR homepage: http://www.data.nsw.gov.au/iar/.

6

4. Wait for confirmation that your account has been activated.

You will not immediately be able to access the IAR; your request will be

reviewed by system administrators and you will receive email confirmation once

your account is active. System administrators may contact you via email during

this process.

User Permission Model

Users can request one of three levels of access to the IAR.

IAR Viewer

IAR Viewers are able to search metadata and see the contact details of custodians.

IAR Viewers will not be able to upload, edit or delete metadata.

Agency Dataset Creator

Agency Dataset Creators will have the same rights to search metadata as IAR Viewers;

however, they will also be able to create metadata entries on behalf of their agency.

Agency Dataset Manager

Agency Dataset Manager will have the same as Agency Dataset Creators; however,

they will also be able to edit and delete metadata on behalf of their agency.

Assignation of access levels will be on a case-by-case basis, taking into consideration

the needs and specific requirements of each user and agency.

7

Metadata Requirements

The IAR requires metadata that is compatible with the AGLS metadata standard. The

schema used in the IAR has been developed to be of minimal burden for agencies in

the upload process. When uploading a dataset:

1. Complete all mandatory fields

2. Complete optional fields where possible

3. Check entries for accuracy

4. Submit for moderation and publishing

8

IAR metadata fields

Metadata field name Description

Title* A name given to the resource

Description* An description of the content of the resource

Tags

Tags should be taken from key words within the title and

description of the metadata. Tags are a convenient way

to link your entry to others on the IAR. Use the APAIS

Thesaurus at Attachment C.

Organisation* Custodian agency/entity primarily responsible for the

resource content.

Type Eg. XML, HTML, XLS, RSS, CSV, PDF, Other

Frequency of change How often the resource is refreshed or updated

Quality statement

A description of the characteristics of the data to help

them determine whether it will be fit for their specific

purpose.

Indicate high, medium or low. See Attachment A.

Access & Restrictions* Factors that may limit publication or re-use of the

resource, e.g. copyright, privacy, commercial property

Date of registration*

Typically, Date will be associated with the creation or

availability of the resource. Recommended best practice

for encoding the date value is defined in a profile of ISO

8601 and follows the YYYY-MM-DD format. Example:

Date issued 2008-10-09.

Name of custodian contact /

position*

An individual primarily responsible for the resource

content. Include business unit.

Custodian email*

Custodian phone*

* Required fields

9

Information Sources

The following documents provide the controlled lists for use in the relevant metadata

fields as described in the table above:

APAIS High-Level Thesaurus (see Attachment C)—Tags

Archives Investigator Function Set (see Attachment E)—Groups

DCMI Type Vocabulary (see Attachment F)

Metadata Resources

AGLS Usage Guide

http://www.agls.gov.au/pdf/AGLS%20Metadata%20Standard%20Part%202%20Usage

%20Guide.PDF

AGLS Reference Description

http://www.agls.gov.au/pdf/AGLS%20Metadata%20Standard%20Part%201%20Refere

nce%20Description.PDF

NSW Government Standard for Data Quality Reporting

http://finance.nsw.gov.au/ict/sites/default/files/NSW%20Standard%20for%20Data%20Quality%20Reporting%20FINAL_1.pdf The National Archives (United Kingdom) Identifying Information Assets and Business Requirements http://www.nationalarchives.gov.uk/documents/information-management/identify-information-assets.pdf

10

Sensitive Information

Sensitive Information

The IAR is intended for use by NSW Government agencies as a catalogue of

information assets that are too sensitive for public release, but could be shared

between NSW Government agencies. It is the responsibility of agencies to determine if

their information is too sensitive for the Data.NSW open data platform and appropriate

for the IAR.

Individual agencies themselves are best placed to determine the sensitivity of the

information resources the hold base on the Government Information (Public Access)

Act 2009 (NSW) (GIPAA), the Privacy and Personal Information Act 1998 (NSW)

(PPIPA), the Health Records and Information Privacy Act 2002 (NSW) (HRIPA) and the

State Records Act 1998 (NSW).

DFS C2013-5 Information Classification and Labelling Guidelines

The NSW Government Digital Information Security Policy outlines the NSW

Government’s commitment to transitioning to a system for classifying and labelling

sensitive information in a manner that is consistent with the Commonwealth security

classification system.

The NSW Government Information Classification and Labelling Guidelines provides

advice for implementing consistent methods of classification and labelling that allows

sensitive information to be securely shared between agencies and across jurisdictions,

with confidence that the information will be handled and protected according to its

sensitivity.

The IAR supports the Information Classification and Labelling Guidelines by providing a

catalogue of sensitive information that could be shared between NSW Government

agencies.

11

How to Upload Metadata

Step 1: Go to http://data.nsw.gov.au/iar/ and login with your user account details. You

will need to be an Agency Dataset Creator or Agency Dataset Editor make an entry.

Step 2: Navigate to Datasets page and click on the red ‘Add Dataset’ tab.

12

Step 3: Fill in all required fields and all suggested fields where possible.

Step 5: Click “save” at the bottom right corner of the page.

Your entry will be subject to review by system administrators.

13

How to Modify Existing Metadata

Step 1: Select the metadata and click ’manage’.

Step 2: Update the necessary fields and click “Update Data Set.”

14

List of Appendices

A. Data Quality Statements

B. Terms and Conditions for use of the IAR

C. APAIS High-Level Thesaurus

D. DCMI Type Vocabulary

E. Contact and Further Information

15

Attachment A – Data Quality Statements

Data quality statements

Data quality is determined by whether or not the data is suitable for its intended use.

This is generally referred to as being “fit-for-purpose”. Data is of sufficient quality if it

fulfils its intended use (or re-use) in operations, decision making or planning.

However, it is not always possible for data producers, stewards or custodians to predict

the needs of all users and the various ways in which their data might be used; a data

quality statement, then, should provide users with a description of the characteristics of

the data to help them determine whether it will be fit for their specific purpose.

A data quality statement should address 5 quality dimensions: Institutional

Environment, Accuracy, Coherence, Interpretability and Accessibility.

Institutional Environment refers to the institutional and organisational factors which may

have a significant influence on the effectiveness and credibility of the agency producing

the statistics.

Accuracy refers to the degree to which the data correctly describe the phenomenon

they were designed to measure.

Coherence refers to the internal consistency of a statistical collection, product or

release, as well as its comparability with other sources of information, within a broad

analytical framework and over time.

Interpretability refers to the availability of suplementary information to help provide

insight into the data.

Accessibility refers to the ease of access to data by users, including the ease with

which the existence of information can be ascertained, as well as the suitability of the

form or medium through which information can be accessed.

The data quality statement should include an assessment of each of these dimensions

of quality as Low, Medium or High.

In order to determine the quality level, the following checklist should be used.

16

DATA QUALITY STATEMENT CHECKLIST

The data quality level for each dimension of the data quality statement is based on a

score from 1 to 5. Each dimension contains a five-point checklist and the quality level

of LOW, MEDIUM or HIGH is based on how many of these points apply to the dataset.

A score of 0-1 is considered LOW quality. A score of 2-3 is considered MEDIUM

quality. A score of 4-5 is considered high quality HIGH quality.

Institutional Environment LOW / MEDIUM / HIGH

Agency is the registered custodian of the data

Organisation has and Active Data Quality Framework in place

Quality control responsibility for this data is clearly assigned

Data collection is authorised by law, regulation or agreement

Agency has no commercial Interest or conflict of interest in data

Accuracy LOW / MEDIUM / HIGH

Data has been subject to a quality assurance process

Data is revised and publicised if errors are identified

The impact of any adjustments or other changes are reported

There are no known gaps in the data

Any factors impacting validity are reported

Coherence LOW / MEDIUM / HIGH

Standard concepts, classifications and categories are used

Elements within the data can be meaningfully compared

This data is consistent with other data sources

A time series is available for this data

This data is consistent with previous releases

[OR the dataset is a single collection, not part of a series]

17

Interpretability LOW / MEDIUM / HIGH

A data dictionary is available to explain the meaning of data elements, their

origin, format and relationships

Information is available about the sources and methods of data collection. (eg.

Instruments, forms, instructions)

Information is available to help users evaluate the accuracy of the data and any

level of error

Information is available to explain concepts, help users correctly interpret the

data and understand how it can be used

Ambiguous or technical terms are explained

Accessibility LOW / MEDIUM / HIGH

Data is available online with an open licence if appropriate

Data is available in machine-processable, structured form (eg. CSV format

instead of an image scan of a table)

Data is available in non-proprietary format (eg. CSV, XML)

Data is described using open standards (eg. RDF, SPARQL) and universal

resource identifiers (URIs)

Data is linked to other data where appropriate to provide context

For more information on preparing a data quality statement, it is recommended that

agencies use the NSW Government Standard for Data Quality Reporting. This

standard provides a method for agencies to create simple data quality statements that

describe their datasets for secondary users.

18

Attachment B – Terms and Conditions for

Use of the IAR

These Terms of Use are published on the IAR and are reproduced here. All users of

the IAR are required to agree to these terms and conditions.

Terms of Use for the IAR

1. General

The State of NSW (NSW office of Finance and Services (“OFS”) promotes the sharing

and use of government data to allow other agencies to access information which may

be useful for service delivery or evidence-based policy decisions.

OFS reserves the right to amend these Terms of Use at any time without notice. Both

the IAR and users will be subject to the Terms of Use current at the time of use, as

published on the IAR.

Activity that may violate these Terms of Use should be reported to

datansw@finance.nsw.gov.au.

2. Interpretation

These Terms of Use are governed by, and are to be interpreted in accordance with, the

laws of the State of NSW, Australia. Users of the IAR agree that the courts of the State

of NSW have non-exclusive jurisdiction with respect to any matter arising from these

Terms of Use or the IAR.

If any provision of these Terms of Use is held to be invalid or unenforceable that

provision may be:

read down to the extent necessary to make it valid and enforceable; or

severed and the remaining provisions of these Terms of Use enforced.

A reference to OFS in these Terms of Use is understood to include any person or body

appointed by OFS to operate the IAR.

The inclusion of any email addresses on the IAR does not imply consent to receiving

unsolicited commercial electronic messages or SPAM.

19

3. Use

Data and information obtained from or associated with the IAR must not be used to

create, send, access or store any form of data or information that:

a) damages the good standing of the IAR or misrepresents the IAR;

b) involves or could lead to victimisation, discrimination, harassment or vilification;

c) is sexually suggestive, offensive, obscene, threatening, abusive or defamatory;

d) is misleading or deceptive;

e) is in breach of any Australian State or Federal law;

f) may damage, destabilise or compromise the security of information or

technology of the IAR or any other person, business, government body or

organisation (e.g. sending a virus, using password cracking tools);

g) infringes the copyright or other intellectual property rights of any third parties;

h) may compromise the confidentiality, security or privacy of employees, persons,

businesses, government bodies or other organisations (e.g. by re-identifying

previously de-identified data or making it possible for others to do so);

i) impersonates or falsely claims to represent a person or organisation; or

j) otherwise causes, or may cause, damage to the IAR or impairment of the

availability or accessibility of any part of the IAR.

4. User accounts

Users agree that:

a) he or she is individually responsible for maintaining the confidentiality of his or

her password and account;

b) he or she is individually responsible for all activities that occur under his or her

password or account;

c) he or she will immediately notify datansw@finance.nsw.gov.au of any

unauthorised use of his or her password or account or any other breach of

security;

d) he or she will immediately notify datansw@finance.nsw.gov.au if their

employment status with the NSW Government changes, including a change of

20

agency or termination of employment, and he or she will cease to access the

IAR;

e) any accounts that have been inactive for an extended period of time may be

permanently deleted without notice, including any files or content remaining on

the account;

f) The IAR may preserve or disclose content on your account if:

i. required to do so by law.

ii. in good faith such disclosure is reasonably necessary to protect the

rights, property, personal safety or business interests of the IAR, users

of the IAR or the public.

iii. in good faith such disclosure is reasonably necessary to enforce these

Terms of Use or to respond to any complaints relating to these Terms of

Use.

g) technical processing of the IAR and transmission of content, including individual

user content, may involve various networks, and content may be translated to

conform and adapt to technical requirements of connecting networks or

devices.

5. Exclusion from Data.nsw

OFS reserves the right to determine, at its own discretion, whether a breach of these

Terms of Use has occurred. OFS may take such action as OFS deems appropriate to

deal with a breach of these Terms of Use, which may include permanently deleting any

files or content on a user account and/or barring any further access by a user to IAR

files or to the IAR.

OFS reserves the right to exclude any user from the IAR at any time.

6. Liability

OFS gives no warranty or guarantee in relation to the IAR or in relation to any data or

information provided through or associated with the IAR in any way. OFS accepts no

liability, whether arising directly or indirectly, in relation to:

a) the IAR or any of the web pages or systems that comprise the IAR;

b) any breach of these Terms of Use;

21

c) any decisions by or actions on the part of OFS to exclude users of the IAR or

others from access to the IAR; or

d) any reliance for any purpose on data or information provided through, linked to

or associated with the IAR in any way or

e) the quality, operability, interoperability or accuracy of the data or metadata.

22

Attachment C – APAIS High Level Thesaurus

See http://www.nla.gov.au/apais/thesaurus/about.html for more information.

Aboriginal studies

Accounting

Agriculture- economic,

social, political aspects

Anthropology

Archaeology

Architecture

Archives

Arts

Banking

Communications

Computer applications

Conservation

Crime

Cultural affairs

Defence

Drug abuse

Economics

Education

Employment

Environment

Ethnic groups

Family

Finance

Geography

Government

Graphic arts

Health

History

Industrial relations

Industry

Labour issues

Language

Law

Libraries

Linguistics

Literature

Local government

Management

Music

Occupational Health

Philosophy

Politics

Psychology

Public administration

Religion

Science

Scientific and industrial

research-social;

economic; Legal;

political and cultural

aspects

Social aspects of

medicine

Social issues

Sociology

Taxation

Technology

Theatre

Town planning

Transport

Urban affairs

Welfare

Women

Youth

23

Attachment D – DCMI Type Vocabulary

The DCMI Type Vocabulary is the AGLS-approved encoding scheme for the “type”

metadata element. See http://dublincore.org/documents/2000/07/11/dcmi-type-

vocabulary/ for more information.

1. Collection

Name: Collection Label: Collection

Definition: A collection is an aggregation of items. The term collection means that the

resource is described as a group; its parts may be separately described and navigated.

2. Dataset

Name: Dataset Label: Dataset

Definition: A dataset is information encoded in a defined structure (for example, lists,

tables, and databases), intended to be useful for direct machine processing.

3. Event

Name: Event Label: Event

Definition: An event is a non-persistent, time-based occurrence. Metadata for an event

provides descriptive information that is the basis for discovery of the purpose, location,

duration, responsible agents, and links to related events and resources. The resource

of type event may not be retrievable if the described instantiation has expired or is yet

to occur. Examples - exhibition, web-cast, conference, workshop, open-day,

performance, battle, trial, wedding, tea-party, conflagration.

4. Image

Name: Image Label: Image

Definition: An image is a primarily symbolic visual representation other than text. For

example - images and photographs of physical objects, paintings, prints, drawings,

other images and graphics, animations and moving pictures, film, diagrams, maps,

musical notation. Note that image may include both electronic and physical

representations.

5. Interactive Resource

Name: InteractiveResource Label: Interactive Resource

Definition: An interactive resource is a resource which requires interaction from the

24

user to be understood, executed, or experienced. For example - forms on web pages,

applets, multimedia learning objects, chat services, virtual reality.

6. Service

Name: Service Label: Service

Definition: A service is a system that provides one or more functions of value to the

end-user. Examples include: a photocopying service, a banking service, an

authentication service, interlibrary loans, a Z39.50 or Web server.

7. Software

Name: Software Label: Software

Definition: Software is a computer program in source or compiled form which may be

available for installation non-transiently on another machine. For software which exists

only to create an interactive environment, use interactive instead.

8. Sound

Name: Sound Label: Sound

Definition: A sound is a resource whose content is primarily intended to be rendered

as audio. For example - a music playback file format, an audio compact disc, and

recorded speech or sounds.

9. Text

Name: Text Label: Text

Definition: A text is a resource whose content is primarily words for reading. For

example - books, letters, dissertations, poems, newspapers, articles, archives of

mailing lists. Note that facsimiles or images of texts are still of the genre text.

25

Attachment E - Contact and Further

Information

More information, questions and queries about the IAR feel free to contact:

Digital Archives State Records Authority NSW NSW Office of Finance& Services T 02 9673 1788 E datansw@finance.nsw.gov.au Information Team Strategic Policy NSW Office of Finance & Services T 02 9372 9034 E datansw@finance.nsw.gov.au

26

Document Control

Document History

Date Version

No.

Description Author

June 2014 0.1 Initial draft Adam Spivakovsky

June 2014 0.2 Revised draft Adam Spivakovsky

July 2014 1.0 Final draft Adam Spivakovsky

March 2015 1.1 Document revision Alexander Cobb

Document Custodian

Name Signature

Dawn Routledge

Executive Director

Strategic Policy

Office of Finance and Services

NSW Office of Finance & Services

Strategic Policy Level 23W, McKell Building 2-24 Rawson Place Sydney NSW 2000 T 02 9372 8132 TTY 1300 301 181 www.finance.nsw.gov.au