top of page

Information Management Fundamentals

Cyber Risk.jpg

Upper Glasgow Council Information Management Best Practice Guide

 

1. Introduction

Information is a strategic asset for Upper Glasgow Council, supporting effective governance, service delivery, and community trust. The Council is committed to compliance with key Australian legislation, including:

  • Privacy Act 1988

  • Freedom of Information Act 1982

  • State-based Public Records Acts 

  • Local Government Act 

 

2. Guiding Principles

Upper Glasgow Council’s information management is guided by:

  • Transparency and Accountability: Open access to council information while protecting privacy.

  • Compliance: Adherence to statutory obligations for records and data handling.

  • Security: Robust data protection and cybersecurity measures.

  • Accessibility: Clear public guides for accessing council information.

 

3. Governance Framework

Upper Glasgow Council will:

  • Develop an Information Management Strategy aligned with the council’s strategic goals (e.g., “making best use of resources”).

  • Maintain a Records Management Plan in accordance with state requirements, covering:

    • Data retention schedules.

    • Privacy and security protocols.

    • Regular audits and improvement reporting

 

4. Best Practice Components

a) Records Management

  • Maintain accurate and accessible records for council operations.

  • Implement a Register of Delegations for decision-making transparency.

  • Respond to FOI requests within statutory time frames.

 

b) Data Governance

  • Adopt a Model Data Governance Policy:

    • Define data classifications.

    • Set privacy and cybersecurity standards.

    • Establish data sharing agreements and inter-departmental processes.

 

c) Information Security

  • Apply layered security controls across council systems:

    • Physical access restrictions.

    • Malware detection and backup procedures.

    • Disaster recovery planning.

 

d) Communication and Engagement

  • Provide transparent, timely two-way communication with council stakeholders.

  • Publish a Guide to Information under FOI requirements.

 

5. Compliance and Risk Management

  • Implement a Legislative Compliance Framework and maintain an up-to-date compliance register for Upper Glasgow Council.

  • Regularly review policies to avoid reputational and legal risks.

 

6. Training and Culture

Upper Glasgow Council will:

  • Train staff on:

    • Data protection obligations.

    • Records management procedures.

    • Ethical use of information.

  • Promote a culture of information stewardship and continuous improvement.

 

7. Monitoring and Reporting

  • Report progress on improvements to the Information Advisory Board (or equivalent within Upper Glasgow Council).

  • Conduct periodic audits and publish compliance summaries.

bottom of page