Legislation, policies, standards and advice

This page lists whole of government sources, including legislation, policies, standards, advice and guidance, that impact on the information and records management responsibilities of most Commonwealth entities. The sources identify regulatory and sound records management practices, which enable agencies to meet legislative requirements and community expectations, and to promote accountability and transparency of government decisions and actions.

The Australian National Audit Office recommended in its  'Recordkeeping including the management of electronic records' report that the Archives publish details of the legislation, policies, standards and guidance that impact on entities' recordkeeping responsibilities (recommendation 1c). This list addresses that recommendation, and provides details of whole of government sources which outline various records management responsibilities.

The sources, identified in consultation with other Australian Government agencies, have been grouped by:

  • Source type
    • Legislation, Legislative Instrument and Standing Orders
    • Whole-of-Government Policies and Strategies
    • Records and Information Management Standards and Authorities
    • Guidance and Advice
  • Category type:
    • Mandatory – Legislation/Legislative Instruments and Standing Orders
    • Required practice – Agencies must be aware of, and implement to the level required, the requirements of the relevant policy/standard/guideline
    • Recommended good practice – Agencies are not obliged to comply and may adopt the advice/guidance as best suits their needs. However agencies are strongly recommended to follow, to the extent needed, the advice/guidance in these products
    • Information resource – Agencies may benefit by consulting this material which may provide information on records management issues and requirements
  • Subject/Topic type (eg FOI, privacy, security, storage, cloud, preservation, disposal , standard etc)

The list is not exhaustive and does not include sources relevant to entities responsible for unique regulatory or business functions.

Legislation, Legislative Instruments and Standing Orders

TitleDescriptionAgency ResponsibleCategory typeSubject/Topic
Archives Act 1983

This Act empowers the National Archives of Australia to oversee recordkeeping practices in the Australian Government and to set recordkeeping requirements for Commonwealth records (Section 2A).

Under the Act, agencies are responsible for the:

  • destruction, transfer, or alteration of Commonwealth records (section 24), subject to Archives’ authorisation
  • transfer of archival resources of the Commonwealth into Archives’ care (section 27)
  • following of records management standards and other obligations set by the Archives.

The Act also establishes a right of public access to non-exempt Commonwealth records in the 'open access period' (transitioning from 30 years to 20 years over the period 2011 to 2021 under amendments to the Act passed in 2010).

Different open access periods exist for:

  • Cabinet notebooks (transitioning from 50 years to 30 years over the period 2011 to 2021)
  • records containing Census information (99 years)
National Archives of Australia (NAA)MandatoryDisposal Access
Archives RegulationsThe Regulations require Australian Government agencies to provide the Archives with specified documentation or advice supporting agencies’ dealings with their records, such as information for appraisal, notification or confirmation of destruction or other disposal, and notice of consent to destruction or other disposal.National Archives of Australia (NAA)Mandatory 
Privacy Act 1988

This Act regulates the handling of personal information about individuals. This includes its collection, use, storage and disclosure.

The Act contains 13 Australian Privacy Principles (APPs) which regulate the handling of personal information by most Australian Government agencies. APP 4 and 11 contain provisions for the destruction or de-identification of personal information where it is not contained in a Commonwealth record. APP 10 outlines the need to keep accurate, up-to-date and complete personal information.

The Act also regulates the use and management of Australian tax file numbers, personal information for medical research and credit information.

Attorney-General’s Department

Office of the Australian Information Commissioner (OAIC)

Privacy Regulation 2013

Under the Act, agencies also need to take reasonable steps to destroy or de-identify personal information that they hold once it is no longer needed, unless an exception applies.

This Regulation details the exceptions to the APPs and lists a number of agencies that may use or disclose personal information.

Office of the Australian Information Commissioner (OAIC)MandatoryPrivacy
Legally binding privacy guidelines and rulesThese are issued by the Australian Information Commissioner, under the Privacy Act. There are a number of rules and guidelines which cover the protection, use and disclosure of information relating to tax file numbers, credit research and medical research.Office of the Australian Information Commissioner (OAIC)MandatoryPrivacy
Freedom of Information Act 1982

This Act provides a legally enforceable right of access to government-held documents, other than exempt documents. It enables individuals to request access to documents about themselves or other documents, such as documents concerning policy development and government decision-making and to seek amendment or annotation of personal records. It applies to Australian Government ministers and most agencies. The Act specifies which agencies and categories of documents are exempt.

Part II of the Act establishes an information publication scheme (IPS) for agencies. Agencies are required to publish a plan detailing the information they propose to publish under the scheme and how and to whom it publishes that information. Agencies must publish 10 categories of information including the agency’s structure, functions, operational information and citizen engagement arrangements. Agencies are required to publish a disclosure log, which is a register of information released in response to FOI requests (subject to limited exceptions).

Attorney-General’s DepartmentMandatoryFOI
Freedom of Information (Charges) Regulations 1982These Regulations set out the charges applicable for searching for and retrieving official documents.Office of the Australian Information Commissioner (OAIC)MandatoryFOI
Disclosure Log Determination No. 2013-1 (Exempt Documents)

This determination prescribes two categories of documents that an agency or Minister is not required to make available to members of the public as part of a disclosure log published under Section 11C (3) of the FOI Act. The determination enables access to be provided to a document to a particular applicant without publishing the document more widely; or to provide access to a particular applicant to a document which might be an exempt document to another applicant, for example due to secrecy provisions.

The Australian Information Commissioner can make determinations under the FOI Act to exempt documents from publication either through the Information Publication Scheme (IPS) or the FOI Disclosure Log. The OAIC site provides advice on FOI determinations.

Office of the Australian Information Commissioner (OAIC)MandatoryFOI
Crimes Act 1914This Act contains provisions relating to the protection of official information and sets out penalties for unauthorised disclosure.
  • section 39 makes it an offence for a person to intentionally destroy or make inaccessible information known to be required as evidence in a federal judicial proceeding
  • section 70 makes it an offence for a Commonwealth officer to publish or communicate information gained by virtue of being a Commonwealth officer, unless authorised to do so
  • section 79 relates to receipt and communication of official secrets.
Attorney-General’s Department (AGD)Mandatory 
Public Service Act 1999This Act sets out the Australian Public Service Values and Code of Conduct. These contain a number of sections which directly and indirectly relate to records management, such as:
  • section 10 (4) - the APS is open and accountable to the Australian community under the law and within the framework of Ministerial responsibility
  • section 13 (4) – an APS employee must comply with all applicable Australian laws when acting in connection with APS employment
  • section 13 (8) – an APS employee must use Commonwealth resources in a proper manner.
Australian Public Service Commission (APSC)Mandatory 
Public Service Regulations 1999Division 2.1 refers to the Code of Conduct and the APS employee’s duty not to disclose information.Administered by Department of the Prime Minister and CabinetMandatory 
Australian Public Service Commissioner’s Directions 2013These Directions outline the APS values and expand on the APS accountability and transparency in decision making under Section 16.Administered by Department of the Prime Minister and CabinetMandatory 
Public Governance, Performance and Accountability Act 2013This Act establishes the governance, performance and accountability requirements for Commonwealth entities. Part 2-4 of the Act provides details on the use and management of public resources (eg Commonwealth records). Division 3-28 refers to the duty of each employee in relation to the use of information and Division 3-37 identifies the need to create and keep records documenting an agency’s performance.Department of FinanceMandatory 
Commonwealth Procurement Rules (CPRs)By implementing the CPRs, agencies ensure accountability and transparency in their procurement activities. Part 7 outlines the need to:
  • maintain and provide access to procurement records
  • retain documentation in accordance with the Archives Act 1983
  • provide information to potential suppliers
  • take appropriate steps to protect the Commonwealth’s confidential information.
Department of FinanceMandatory 
Evidence Act 1995This Act provides for documents created and maintained in paper and electronic form to be presented as evidence before federal courts:
  • section 48 allows for presenting of original documents, as well as copies, extracts from, or summaries of, original documents
  • section 51 abolishes the original document rule
  • sections 155 and 156 refer to the production in court of Commonwealth records
  • section 182 lists, in a table format, the relevant sections in the Act which apply to Commonwealth records.
General advice on the impact of the Act is given in National Archives of Australia publications Records in Evidence and Evidence law in Australia.
Attorney-General’s Department (AGD)Mandatory 
Electronic Transactions Act 1999The Act facilitates the use of electronic transactions and enables business and the community to use electronic communications in their dealings with government. Under section 8(1) of the Act, a transaction is not invalid because it took place by means of electronic communication. Section 11 refers to the production, integrity, retention and copyright of a document in electronic form.Attorney-General’s Department (AGD)Mandatory 
Electronic Transactions Regulations 2000Part 3 applies to electronic communications and describes the manner of giving or serving documents by electronic communication. Documents sent to a nominated electronic address must be in a format that allows them to be saved to an electronic file and to be printed (section 10(4).Attorney-General’s Department (AGD)Mandatory 
Fair Work Act 2009This Act provides a framework for workplace relations in Australia. Section 535 sets out employers’ obligations in relation to employee records and sections 482 and 483 refer to a permit holder’s right to access and inspect records, and to make copies of records or documents. Further information about workplace rights and obligations under the Act is available on the Fair Work Ombudsman’s website.Department of EmploymentMandatory 
Fair Work Regulations 2009Division 3, Subdivision 1 outlines employers’ obligations in relation to employee records and payslips:
  • regulation 3.31 states that an employee record must be in a legible form and readily accessible to an inspector
  • regulation 3.42 deals with obligations for employers to facilitate the inspection and copying of records by employees
  • regulation 3.44 sets out requirements to ensure records are accurate at all times.
Department of EmploymentMandatory 
Senate Continuing Order for the production of departmental and agency file lists (Harradine Motion)

Australian Government agencies are required to publish, by tabling in the Senate and on their Internet home page, lists of relevant files (and new file parts of existing files) created in each six-month period. The production of the list is intended to make the operations of government more transparent to the Australian public.

Relevant files include policy, development of legislation, and other matters of public administration. Case files or files related to the internal administration of the department or agency (eg staff or personnel, accounts, training etc) need not be included on the list.


Whole-of-Government Policies and Strategies

TitleDescriptionAgency ResponsibleCategory typeSubject/Topic
Digital Transition Policy

This whole of government policy aims to move Australian Government agencies to digital recordkeeping for efficiency purposes.

Under the policy, the majority of records should be created and managed digitally, and where possible, incoming paper records should be scanned so new paper files are not created. Records that are created digitally after 2015 will be accepted for transfer to National Archives of Australia in digital formats only.

National Archives of Australia (NAA)Required practice 
Digital Service StandardThe standard establishes the criteria that Australian Government digital services must meet to ensure government services are simpler, faster and easier to use. Agencies need to apply the standard by:
  • interacting with users and providing services online (criterion 1)
  • making and keeping accurate records of Commonwealth web resources (criterion 3)
  • implementing open standards for software interoperability, data and document formats (criterion 5)
  • building digital services that are accessible and usable (criteria 7, 8 and 9).
Digital Transformation Office (DTO)Required practiceStandard Access
Protective Security Policy Framework (PSPF)

The PSPF provides the appropriate controls for the Australian Government to protect its people, information and assets, at home and overseas.

The Information security core policy is central to the framework and contains a set of seven (7) mandatory requirements based on the confidentiality, integrity and availability of information.

Attorney General’s Department (AGD)

Required practice with a set of mandatory componentsSecurity
Cyber Security Strategy

This strategy provides the framework to ensure online government services are available when needed and that personal and business information provided to government is protected. The document lists guiding principles, objectives and strategic priorities of cyber security policy programs.

Attorney General’s Department (AGD)Required practiceSecurity
Australian Government Information Security Manual (ISM)This standard refers to the security of government ICT systems. It provides agencies with a set of detailed controls that can be implemented to mitigate risks to their information and ICT systems. It lists a number of documents, including business continuity and disaster recovery plans, required in agencies for the protection of their information.Australian Signals Directorate (ASD)Required practiceSecurity
Australian Government Cloud Computing Policy

The policy explains the Government’s vision, goals and actions in the use of cloud computing. Agencies are required to use cloud services for new ICT services when replacing any existing ICT services, whenever those cloud services are fit for purpose, offer the best value for money, and provide adequate management of risk to information and ICT assets.

Agencies are to evaluate and select cloud services commensurate with the requirements of the information.

Department of FinanceRequired practice with a mandatory implementation elementCloud

Records and Information Management Standards and Authorities

TitleDescriptionAgency ResponsibleCategory typeSubject/Topic
AS ISO 15489 Records Management

This standard provides guidance on creating policies, procedures, systems and processes to support the management of records in all formats.

AS ISO 15489 is in two parts:

  • AS ISO 15489.1: Records Management - Part 1: General (the actual standard)
  • AS ISO 15489.2: Records Management - Part 2: Guidelines (a technical report)

Both parts apply to records in any format or media, created or received by any public or private organisation in the course of its business.

Note: The standard provides the basis for National Archives of Australia records management standards, policies and guidelines.

The international version, ISO 15489, was reviewed and released as a second edition in 2016. The Australian version, AS ISO 15489, released in 2002 is still current.

Copies of AS ISO 15489 can be purchased from SAI Global.

Required practice

Endorsed for use by Australian Government agencies by the National Archives of Australia

AGLS Metadata Standard 2010 (AS5044) and Implementation ManualThe standard contains a set of properties that describe the online resources (eg websites) of the Australian Government. The aim of the AGLS metadata standard is to improve the visibility, management, discoverability of, and access to, government resources. The Australian Government Web Guide requires the use of AGLS.National Archives of Australia (NAA); AGIMORequired practiceStandard Access
Australian Governments' Interactive Functions Thesaurus(AGIFT)

This standard describes the business functions carried out across Commonwealth, state and local governments in Australia. It contributes to the discovery of online government information and services.

AGIFT contains 26 high-level functions, each with second and third level concepts, as  well as alternative labels and related concepts.

National Archives of Australia (NAA)

Required practiceStandard Access
AS/NZS ISO 16175 Principles and Functional Requirements for Records in Electronic Office Environments

The standard provides internationally agreed principles and functional requirements for software used to create and manage digital records. It assists agencies to assess the records management compliance of an existing system and to identify records management functionality to include in a design specification when upgrading or acquiring new systems.

Archives' Business Systems Assessment Framework is based on Part 3 of ISO 16175. The framework provides a streamlined, risk-based approach to the assessment of information management functionality in business systems.

Copies of AS/NZS ISO 16175 can be purchased from SAI Global.

Required practice


Australian Government Recordkeeping Metadata Standard (AGRkMS) Version 2.2




Minimum metadata set

AGRkMS describes the type of information that Australian Government agencies should capture in a structured way to describe the identity, authenticity, content, context and essential management requirements of records.

The standard is designed to be used as a tool by personnel involved in information and records management, data management and information and communication.

The minimum metadata set is a practical application of AGRkMS to support metadata implementation and information use in agencies. It identifies nine metadata properties essential for agency management of information.

The set supports the Digital Continuity 2020 principles of interoperable systems and processes.

National Archives of Australia (NAA)

Required practice

Issued for use by Australian Government agencies by the National Archives of Australia

Standard Access
AS/NZS 5478

The 'Recordkeeping metadata property reference set' (RMPRS) standard is based on the 'Australian Government Recordkeeping Metadata Standard' (AGRkMS). It supports system interoperability and records sustainability by providing a common and flexible framework for implementing recordkeeping metadata compatible with jurisdiction and agency-specific requirements.

The standard aims to avoid duplication and confusion by harmonizing similar recordkeeping metadata standards in existence in different jurisdictions in Australia and New Zealand.

Copies of AS/NZS 5478 can be purchased from SAI Global

Required practice

The standard has been endorsed for adoption in Australia and New Zealand by the Council of Australasian Archival and Records Authorities (CAARA). It is consistent with AGRkMS.

Standard for the Physical Storage of Commonwealth Records

The standard represents a voluntary code of best practice for the storage of government records. It provides a benchmark for assessing storage facilities for physical records.

National Archives of Australia (NAA)Recommended good practiceStandard Storage
Agency-specific Records Authorities

(issued to cover the retention and destruction of records relating to agency specific core business)

This source lists a set of Records Authorities which give permission to individual or nominated agencies to destroy or transfer records of their unique business activities. Records Authorities are issued by the Archives under section 24 of the Archives Act 1983.National Archives of Australia (NAA)Required practiceDisposal

General Records Authorities

(issued to cover the retention and destruction of records relating to agency common business activities)

The source lists a set of General Records Authorities which give permission to agencies to destroy or transfer records of certain activities that are common across the Australian Government. General Records Authorities are issued by the Archives under section 24 of the Archives Act 1983.National Archives of Australia (NAA)Required PracticeDisposal
Records Disposal Freezes or Retention noticesThis source lists the disposal freezes in operation. These state that agencies must not destroy any relevant records even where a current records authority exists. Disposal freezes usually relate to a judicial inquiry to protect records which may be required as evidence.National Archives of Australia (NAA)Required practiceDisposal

Email Protective Marking Standard for the Australian Government

The standard defines how protective markings (ie requirements to protect the information in a message) are to be formatted for email messages. It allows systems, such as an agency email gateway, to control the flow of information into and out of the agency.Department of FinanceRequired practiceSecurity
Email Protective Marking Standard Implementation Guide for the Australian Government

This document guides agencies on implementing the protective marking system for email. It contains recommendations for achieving a coordinated and consistent protective control of email across government.

Note: The standard and implementation guide are also available under e-Security at the Whole-of-Government ICT policies and circulars page.

Department of FinanceRequired PracticeSecurity

Guidance and Advice

TitleDescriptionAgency ResponsibleCategory typeSubject/Topic
Check-up Digital

This is a practical online survey developed to help Australian Government agencies gauge their digital information management maturity and set clear direction for improved digital practices.

National Archives of Australia (NAA)

Required practice

Digital continuityThe source explains the elements of digital continuity and lists the Digital Transition Policy requirements. The aim of digital continuity is to ensure that digital information can be used in the way that is required, for as long as required and no longer.National Archives of Australia (NAA)Required practice
FOI guidelines

These guidelines are issued under section 93A of the FOI Act 1982. While they are not legislative instruments, under section 93A of the FOI Act, Australian Government ministers and agencies are required to have regard to them when undertaking activities under the FOI Act.

The guidelines refer to processing matters, charges, exemptions, amendment or annotation of personal records, decisions and reviews on FOI requests, complaints, the information publication scheme, disclosure log responsibilities, and reporting requirements.

Office of the Australian Information Commissioner (OAIC)

Required practiceFOI
FOI guidance notesThese notes help agencies consider the application of two access exemptions in the FOI Act 1982 when dealing with FOI requests. The exemptions are:
  • cabinet document exemption
  • deliberative document exemption.
Note: The notes should be read in conjunction with the FOI guidelines.
Attorney General’s Department (AGD)

Required Practice


Privacy Act 1988:Guide to securing personal information

The guide provides information on the steps agencies are required to take under the Privacy Act 1988 to protect holdings of personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.Office of the Australian Information Commissioner (OAIC)Required practicePrivacy
PSPF Protocols and Guidance: Information Security Management

This protocol specifies the information security controls that are needed to satisfy the information security mandatory requirements. The protocol covers all information assets owned by the Australian Government.

Attorney General’s Department (AGD)Required practiceSecurity

Information Security

This source contains advice on cloud security, ICT security products evaluation and enterprise mobility. It also includes a number of strategies to mitigate targeted cyber intrusions.

Note: As of April 2013, the top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for Australian Government agencies.

Australian Signals Directorate (ASD)Required practice with a set of mandatory componentsSecurity

Cloud Computing Security

This source describes the information security risks that need to be considered by agencies wishing to adopt cloud services. It also includes a list of Australian Signals Directorate (ASD) certified cloud services.Australian Signals Directorate (ASD)Required practiceCloud
Implementing machinery of government changesThis source helps agencies to implement machinery of government (MoG) changes. It includes a section on records management , which expands on the general principle that records follow functions when MoG changes occur within the APS. It also lists a number of services provided by the National Archives of Australia and AGIMO.Australian Public Service Commission (APSC)Required practiceAccess

APS Values and Code of Conduct in practice: A guide to official conduct for APS employees and agency heads

This guide assists APS employees to understand the practical application of the APS ethics framework. Includes sections on:

Australian Public Service Commission (APSC)Required practice
Information governance

This advice focuses on digital information governance and outlines accountability, roles and responsibilities, as well as ways to achieve effective digital information governance.

Some of the key information governance documents include:

National Archives of Australia (NAA)Recommended good practice
Conducting an information review

This source provides practical advice on conducting an information review.

An information review is a process for identifying and evaluating the ability of an agency's core information to meet its business needs. It focuses on the value of information and it is the basis for an effective information governance regime. An information review is a key action identified in Archives’ Digital Continuity Plan.
National Archives of Australia (NAA)

Recommended good practice

Digitising accumulated physical recordsThe document provides advice on a range of issues that should be considered when planning digitisation projects, and explores records management and records handling issues that arise for both the source records and the digitised records.National Archives of Australia (NAA)Recommended good practice
Preserving physical recordsThis page provides advice on the physical preservation of records, including recovery of fire and flood-damaged records.National Archives of Australia (NAA)Recommended good practicePreservation
Outsourcing digital data storageThe advice details some of the potential risks associated with storing Australian Government records in data centres, digital repositories and the cloud.National Archives of Australia (NAA)Recommended good practiceStorage
Keep the Knowledge –Make a RecordThis training package helps Australian Government employees, contractors and consultants to understand their records management responsibilities. The package includes an e-learning module which can be used to provide self-paced learning to staff.National Archives of Australia (NAA)Recommended good practiceTraining
eLearning Modules

These modules assist in building digital information and records management knowledge and capabilities across the Australian Government.

Note: eLearning modules are only available for purchase by Australian Government agencies.

National Archives of Australia (NAA)Recommended good practiceTraining
Privacy Act 1988:Advisory privacy guidelinesThese privacy guidelines can assist agencies to ensure business is transacted in accordance with sound privacy practices.Office of the Australian Information Commissioner (OAIC)Recommended good practicePrivacy
Guidelines on data-matching in Commonwealth AdministrationThe guidelines aim to assist Australian Government agencies to use data matching as an administrative tool in a way that complies with the Australian Privacy Principles (APPs) and the Privacy Act.Office of the Australian Information Commissioner (OAIC)Recommended good practicePrivacy
Privacy Act 1988:Privacy and Cloud Computing for Australian Government Agencies

This guide was developed to assist agencies better understand how to comply with privacy laws and regulations when choosing cloud-based services. Agencies must take contractual measures to ensure the contracted service providers do not do anything that would breach the Australian privacy principles so that personal information is protected from unauthorised access or disclosure, misuse, interference and loss.

Department of Finance – AGIMORecommended good practicePrivacy Cloud
Advice on managing the recordkeeping risks associated with cloud computingThis guideline provides a checklist for agencies to determine which records could be kept using cloud computing applications. It also details the potential risks that need to be considered, and offers a list of useful contractual arrangements.Council of Australasian Archives and Records Authorities (CAARA)Recommended good practiceCloud
FOI Act 1982:Principles on open public sector informationThese eight principles provide a set of core concepts to guide publication of government information, including information released under the Information Publication Scheme (IPS). They complement the provision of the IPS and guide agencies on the release of Public Sector Information more broadly, beyond the requirements of the FOI Act.Office of the Australian Information Commissioner (OAIC)Recommended good practiceFOI
Australian Government Information Interoperability FrameworkThis publication provides the principles that underpin sound information management and establishes the concepts, practices and tools that will drive the successful sharing of information across government boundaries.Department of FinanceRecommended good practiceAccess
Australian Government Technical Interoperability FrameworkThe framework provides the first step in establishing compatibility at the technical level for the exchange of data and harmonisation of related business transactions within a trusted environment. It contains details on the principles behind technical interoperability, and relevant case studies and patterns within the Australian Government. It also contains a comprehensive set of standards to be referred to when developing technical interoperability.Department of FinanceRecommended good practiceAccess
Web Publishing Guide

This guide aims to assist Australian Government agencies manage their online presence. It covers a number of subjects, including mandatory and recordkeeping requirements relating to websites.

Note: the listing of mandatory requirements supplements any agency-specific guidelines relating to websites, it does not replace them.

Australian Government - Digital transformation officeRecommended good practiceAccess
Better Practice Checklists & Guidance for the provision of online servicesThese documents have been created to help executives, business managers, web managers and others to improve their understanding of a range of issues associated with the provision of services online. Better Practice Checklists include the use of metadata for web resources, archiving web resources, management of online content and email address naming standards.Department of FinanceRecommended good practiceAccess
APS Induction ProgramThis is an online program which provides important information for working in the Australian Public Service (APS). Setting the Record Straight module examines the importance of accountability and transparency to the operation of the APS.Australian Public Service Commission (APSC)Recommended good practice on how to meet a range of expectations and obligationsTraining
Whole-of-Government ICT policies and circularsThis source lists a number of mandatory and other business policies, and a list of ICT circulars. Policies include:
  • business continuity
  • e-Security (cyber security, PKI framework, e-authentification framework)
  • ICT capability
  • ICT procurement
  • online engagement
  • ICT sustainability
  • web standards.
Department of FinanceInformation resource
The Australian Public Service Big Data Strategy

This strategy sets out the actions that the Australian Government is taking to harness the opportunities afforded by big data without compromising the privacy of individuals. It provides a whole-of-government approach to big data in order to enhance services, deliver new services and provide better policy advice, while incorporating best practice privacy protections and leveraging existing ICT investments.

Big data supports agencies operations and is recognised as a government and national asset.

Department of FinanceInformation resource
Australian Government Data Centre Strategy 2010 – 2025This strategy aims to aggregate agencies’ demand for data centres space in order to:
  • ensure agencies adopt modern technologies and practices which will improve the effectiveness and efficiency of the data centre use
  • share data centre sites and services to reduce duplication and unnecessary cost of infrastructure
  • match the business needs and requirements of the agencies.
Department of FinanceInformation resource
Business Process Interoperability FrameworkThe Business Process Interoperability Framework (BPIF) promotes a whole of government approach to the management of business processes and a consistent way of tackling common issues across multiple agencies. It provides a series of tools to support agencies undertaking business process interoperability initiatives.Department of FinanceInformation resourceAccess
Gatekeeper Public Key Infrastructure (PKI) FrameworkThis source provides information on the Australian Government’s strategy for the use of Public Key Infrastructure (PKI) as a key enabler for the delivery of online government services. The strategy ensures a whole of government framework that delivers online integrity, interoperability, authenticity and trust for agencies and their clients.Department of FinanceInformation resourceSecurity
National e-Authentication Framework

The National e-Authentication Framework (NeAF) assists agencies, jurisdictions and sectors in authenticating the identity of the other party to a desired level of assurance or confidence. The NeAF encompasses the electronic authentication (e‑authentication) of the identity of individuals and businesses dealing with the government, on one side of the transaction, as well as the authentication of government websites on the other side.

The source includes a best practice guide to authorisation and access management for the provision of online services to Australian businesses.

Department of FinanceInformation resourceSecurity
Web Accessibility National Transition StrategyThis Strategy paves the way for a more accessible and usable web environment. It outlines a phased work plan for archiving/decommissioning non-essential or outdated websites, assessing risks and infrastructure, upgrading websites and implementing the new conformance requirements.Department of FinanceInformation resourceAccess
Copyright Act 1968:Commonwealth Library Deposit and Free Issues Schemes (LDS)

Under this scheme, Australian Government departments and agencies are required to provide one copy of each publication that they publish to each participating deposit library. The scheme supplements the legal deposit, which is a statutory requirement under the Copyright Act 1968.

The page also provides a link to the websites of the participating libraries in the ‘Library deposit and Free Issue Schemes’.

Department of FinanceInformation resourceCopyright
Cabinet Handbook – 10th editionThe Cabinet Handbook outlines the procedures designed to ensure that the Cabinet observes a set of conventions and principles and fulfils its central purpose of informed decision-making.Department of Prime Minister and CabinetInformation resource
Federal Executive Council HandbookThe Federal Executive Council Handbook is produced as an aid for departmental officers and ministerial staff in the preparation of papers for consideration by the Governor-General in Council.Department of Prime Minister and CabinetInformation resource
Lessons for public administration: Ombudsman investigation of referred immigration cases

As a result of an investigation into immigration detention cases in 2005/06, the Commonwealth Ombudsman highlighted ten lessons relevant to all areas of government. The first lesson outlined was ‘Maintain accurate, comprehensive and accessible records’.

A summary of the investigation is also available in the Ten principles for good administration – Fact Sheet 5.

Commonwealth OmbudsmanInformation resource
Copyright National Archives of Australia 2019