Designing and maintaining an information asset register

Information asset registers are part of an effective information governance program. They aid understanding of records, information and data that are managed and maintained enterprise-wide.

An information asset register identifies and controls information assets with business value from within your agency. It is a key tool that is used when conducting an information review and facilitating operational efficiencies. Once established, an information asset register will help you meet your information management strategy requirements and implement ongoing monitoring and awareness of your assets.

The Building trust in the public record policy recommends agencies register their information assets where there is business value in doing so (action 5). Managing and maintaining an information asset register also supports enterprise-wide governance for records, information and data as recommended in the policy (action 2)

The National Archives has developed the information asset register template that agencies can use to help develop and design their own information asset register to meet their business requirements.

What is an information asset register?

In its simplest form, an information asset register is a list that captures information about your information assets. It is accessed and maintained to help address business requirements. Managing your assets in a register will help avoid unnecessary or unknown duplication of information, systems and processes.

Your agency may have one or more of the following:

  • an asset register
  • an inventory
  • a catalogue

The Office of the National Data Commissioner provides advice on the differences between these functions for data management.

Why have an information asset register?

Information asset registers can help you identify:

  • valuable information assets that need to be prioritised
  • assets that pose significant risk
  • people and positions that are responsible for particular information assets.

Your agency may design an information asset register to:

  • find and capture relevant assets for an information review
  • inform preservation strategies for information assets that must be kept long-term
  • review the effectiveness of disposal practices and identify problem business areas
  • confirm location and security of sensitive or private information assets
  • identify key information assets and systems for business continuity planning
  • create an enterprise-wide view of information assets.

Creating an enterprise-wide view

An enterprise-wide information asset register is recommended. However, as a starting point, smaller local registers can help achieve the key goal of controlling and understanding your agency’s information assets. Centralising your information asset registers and enabling user-centred workflows will provide an enterprise-wide view based on multiple registers.

Ways that agencies may centralise information asset registers include:

  • managing a simple list of all your registers with a description outlining their coverage
  • implementing specialised information asset management software that enables cross-register views and reporting
  • investing in interoperability initiatives such as APIs and tools for data indexing and discovery.

Identifying information assets

Your agency’s information assets include records, information and data that are created, collected, received and kept as part of government business.

Information assets listed in a register are typically grouped content that has been identified as being of significant value, risk or priority. Content should be grouped by specific business functions, activities or systems, to be understood, shared, protected and used effectively.

Content should not be grouped based on technical requirements. High value datasets may be considered an information asset on their own however, majority of assets in a register are formed by grouping content.

When you fill in your information asset register you should:

  • consider your agency’s existing assets that have already been defined and are used for business processes. Talking to your information technology and information management business areas can help you find these assets. Having assets in multiple registers should be avoided.
  • define new information assets. This includes figuring out what content from across your agency will be grouped as an information asset. As a general rule the same content should not be included in multiple assets.

Challenges in grouping content

Grouping content to form your information assets requires consideration and planning.

Your agency should define how much or how little content is grouped for each information asset based on the best approach to managing business needs.

If you group vast quantities (for example, a repository or data lake) it will be more challenging to accurately detail and manage your assets.

If you group quantities that are too small (for example, a single document or item) you will create excessive assets, causing inflated work procedures and errors in the register.

TIP: Talk to your information technology and information management business areas about your agency’s information assets. Ensure that the way you group your information assets is consistent across your agency. Consider how you manage your agency’s datasets and databases to help identify information assets.

Deciding which assets to include

When you add your information assets to a register you should consider:

  • Purpose of the information asset register: Why was the register created and what business requirements does it help address? For example, does it focus on a single function, business area or storage location?  
  • Business value of the information asset: How important is the information asset? What risk or potential benefit does it present to business and what critical workflows does it contribute to?
  • Business context of the information asset: How is the asset being used in general business?
  • The relevance of the information asset to the register:  What does an information asset contain and how does this help address the purpose of the information asset register?

Designing information asset registers

Australian Government agencies have legislated requirements for how they manage, use, share and access their information assets. These responsibilities, combined with your agency’s specific business requirements, form a basis for identifying what should be captured in a register, and the most efficient way to do so.

When you design your information asset register you will determine the metadata properties it captures. The information asset register template can be used to help understand and select properties that best suit your requirements. General categories you should consider include:

  • Description: these are some of the most common properties for identifying information assets such as name, identifier, description and key subjects.
  • Roles and responsibilities: to identify the business owners of information assets and the areas or positions with certain authorities over their management.
  • Security and associated restrictions: includes permissions that are subject to position or business function.
  • Usage, access and release provisions: to help facilitate freedom of information requests, copyright compliance, general sharing of information assets and open data across government.
  • Risks: these may be to business and to the information assets themselves. 

TIP: Talk to your information technology business areas to discuss the tools they are using to manage information assets across the agency. Consider what and how metadata properties are being captured in existing information management systems, catalogues, inventories or databases and if these can be used to support your own register.

Information asset register template

The National Archives’ information asset register template can be used as a guide for agencies to design their own registers. This template includes three example registers and descriptions for their metadata properties.

Agencies can use the example registers to:

  • ensure that their own information asset registers include the metadata properties from the Streamlined register
  • undertake a gap analysis with their own registers and the Complete register. This may result in adding metadata properties to enhance their registers, or removing properties to make their registers more minimal
  • start developing their own register that builds on the Streamlined metadata properties by adding other selected properties.

Register 1: Streamlined presents a succinct list of metadata properties to support your agency's internal business and common workflows. These are a recommended selection of properties for a basic register that provides a foundation for governance of your information assets. You can use this register to start planning an information asset register that will meet your business requirements.

Register 2: Mature provides eight additional metadata properties for a more detailed overview of information assets. Use this register when you need more contextual information about the information assets readily available. Time and place that are represented by the information asset have been added, as has the option for an alternative name.

Register 3: Complete provides a holistic and detailed overview of information assets that supports quality assurance and external sharing. Data quality, integrity check and attribution details are included. Open data details and security clearance permissions have also been added. You can use this register to support controlled sharing of information assets.

Download the information asset register template (XLSX, 88kB)

Starting your information asset register

The National Archives recommends a selection of 17 metadata properties in the Streamlined information asset register. Agencies may build on this and add metadata properties to design a register that will meet their specific business requirements.

A complete listing of suggested metadata properties is provided in the information asset register template

 

Identifier

A unique identifier of the information asset.

Name

Name of the information asset.

Description

A short description of the information asset that may include an outline of its components, content and primary application or use.

Keyword

Keywords that have been attached to the information asset, to support search functionality and discoverability.

Location

The storage location where the information asset is most commonly used and accessed from.

Format

The format of the information asset file, or of the majority files it contains.

Status

Whether the information asset is currently in-use or if it is retired.

Creation date

The date the information asset was created or acquired.

Update frequency

How often the information asset is updated.

Owner

Business area that holds authority and is responsible for managing and maintaining the information asset.

Custodian

Business area or position that is formally accountable to the owner for looking after the asset in its technical environment.

Rights type

Rights that the information asset has and must be complied with for access or use.

Security classification

Marking applied to identify sensitive and security classified information as per the Protective Security Policy Framework.

Personal information

Whether the assets contains personal or sensitive information as defined in the Privacy Act 1988.

Risk

Specific risks to the agency relating to the unavailability, integrity or data breach of the asset.

Business impact

The assessed business impact level if the information asset was compromised by unavailability, integrity or data breach.

Disposal class

The records authority disposal class for the information asset that has the maximum retention period.

Review and update

Information asset registers must be updated to ensure they remain accurate and current. An information asset review should include reviewing and updating:

  • Information assets listed in the register: ensuring that the asset’s content is up to date.
  • Information asset register itself: the details listed for each metadata property should be confirmed and updated where required.

In addition to scheduled and regular reviews, your agency should consider reviewing your information asset registers when:

  • there are significant changes to business risks or operations
  • new business systems are implemented or existing systems are updated
  • legacy paper-based processes are transitioned to digital workflows
  • procurement processes are underway and information management systems are being assessed to see if they meet business requirements.
Was this page helpful?
Please tell us why you selected 'Yes'
Please tell us why you selected 'No'
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.