Arkib Negara ELECTRONIC RECORDS MANAGEMENT and archive mgmt guideline_eng
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
e-SPARK<br />
Carefully thought-out strategy <strong>and</strong> policy documents are necessary, whether records will be<br />
captured <strong>and</strong> stored via an agency’s existing recordkeeping system(s), or as part of a<br />
separate system.<br />
5.2.7 Identify record keeping requirements<br />
As well as managing records created by authentication <strong>and</strong> encryption processes, public<br />
offices need to know which records relating to their online security activities should be<br />
captured to support business needs, satisfy accountability requirements <strong>and</strong> meet general<br />
expectations of the broader community. Knowing recordkeeping requirements will facilitate<br />
the development of appropriate recordkeeping strategies <strong>and</strong> actions.<br />
5.2.8 Assign responsibilities to records, business <strong>and</strong> IT managers<br />
Online security is a complex web of software, hardware, technology providers, external<br />
service providers, personnel, policies, procedures <strong>and</strong> agreements. Each of these elements<br />
may impact on several areas within a public office that use or provide these services. To<br />
ensure that all recordkeeping requirements relating to online security are addressed in a<br />
comprehensive manner, it is essential that recordkeeping responsibilities are identified,<br />
assigned <strong>and</strong> promulgated across a public office.<br />
Managers in the records, business or e-business, <strong>and</strong> IT areas will all have a role in the<br />
implementation <strong>and</strong> delivery of online security services. Establishing communication<br />
channels is a useful way of enabling information flow. Meetings should be held to ensure<br />
that questions <strong>and</strong> issues are addressed. Procedures can then be developed <strong>and</strong><br />
disseminated to provide a measure of control.<br />
Interoperability of systems is essential for ensuring optimum accessibility of information, <strong>and</strong><br />
provides long-term cost savings to a public office. If an area responsible for implementing<br />
online security has established communication channels with other areas likely to have<br />
some responsibilities, the required specifications are more likely to be known <strong>and</strong><br />
understood. Checklists can be developed to ensure <strong>and</strong> new systems purchased will have<br />
the desired characteristics. High-level schema can be written for existing systems that may<br />
not be fully interoperable.<br />
Copyright <strong>Arkib</strong> <strong>Negara</strong> Malaysia Page 60 of 86