Business System Assessment Framework

The Digital Continuity 2020 Policy plays a key role in supporting the Australian Government’s digital transformation initiatives by helping agencies to:

  • fully understand and realise the benefits of their information assets
  • ensure that their information is available and usable for as long as it is required

The Business System Assessment Framework provides a consistent, streamlined, risk-based approach to the assessment of information management functionality in business systems.

It is based on Part 3 of ISO 16175 Principles and Functional Requirements for Records in Electronic Office Environments.

The Business System Assessment Framework

The Business System Assessment Framework will enable your agency to better manage its business information through:

  • assessing information and data risks and values
  • identifying the systems functionality required to manage information and data appropriately
  • providing solutions to address gaps in a system's ability to manage information and data
  • ensuring greater accountability and transparency.

The framework recognises that not all information and data is of equal value. It has been developed so that business systems managing high-risk or high-value information and data undergo a more extensive assessment than systems managing low-risk or low-value information and data.

The framework can be used to build functional specifications for new systems and applied to existing systems. It is suitable for use by information management practitioners, business owners and ICT staff.

Note: The framework does not apply to Electronic Document and Records Management Systems (EDRMS) as they are covered by Part 2 of ISO 16175 Principles and Functional Requirements for Records in Electronic Office Environments, which requires more comprehensive functional requirements than Part 3.

Online tool pilot

To complement the Business Systems Assessment Framework suite of products, the National Archives is piloting an online tool to further support agencies to assess the information management functionality of their business systems. The tool has been designed to:

  • make it easier to consistently assess the information management functionality in business systems
  • seamlessly guide users through the framework
  • provide evidence that appropriate rigour has been undertaken assessing functionality
  • identify risks and potential issues associated with a lack of information management functionality.
  • assist development of system information management plans.

Open the Business System Assessment Framework tool

We welcome your feedback about the usability or content in the online tool through the Agency Service Centre.

Before you begin

The framework is part of a larger suite of information governance tools. To assist with assessing your business systems, you should have:

Systems register

You need to identify the systems in your agency. One way of doing this is to create a systems register listing all the business systems in use in your agency including any legacy systems. The register should list key details about the system including name, version, business owner and a summary of the type of information held. It should also indicate where systems are linked to, and relied on by, other systems. The details in the systems register will help you to prioritise which systems to assess. High-risk and/or high-value systems should have priority.

Identifying all the systems in use will help you keep track of where you are up to with your assessments. If you do not have a systems register, a good place to start to identify systems would be your ICT area. You may also be able to draw on information from your business continuity plan, Check-up Digital assessments or information review findings.

System information management plan

The assessment of each system should be documented in a system information management plan template The plan should:

  • link to your systems register and other information governance documents
  • cover all relevant information about the system including software, business owners, how it will be managed over its life and details about its assessment against the framework
  • extend to systems and technology hosted in the cloud, or via social media and mobile devices.

Contact us

If you have questions or feedback about the framework please contact the Agency Service Centre by using our inquiry form.