Elements and Performance Criteria
- Establish the organisational context
- Identify and document legislative and regulatory requirements for the organisation.
- Analyse legislation for any information management security implications and document outcomes.
- Review organisational purpose and function for compliance requirements.
- Analyse broad social context in which the organisation operates to determine community expectations.
- Determine the principal areas of risk requiring information strategy
- Determine the information system requirements for each business function
- Analyse risks, liabilities and regulatory requirements.
- Document and communicate identified requirements as evidence to be captured as records.
- Formulate information system specifications from the evidence requirements.
- Determine information security requirements.
- Determine specifications for information systems security measures.
- Establish information systems framework for organisation
- Develop and communicate an overview of responsibilities for information management within the organisation.
- Define responsibilities and authorities in relation to regulatory requirements.
- Define information management responsibilities and rights for each business function.
- Integrate identified risks and liabilities managed by information systems.
- Define, assign and document levels of accountability and responsibility within the framework.
- Formulate and document security procedures for information systems.
- Obtain approval for framework
- Establish the organisational context
- Identify and document legislative and regulatory requirements for the organisation.
- Analyse legislation for any information management security implications and document outcomes.
- Review organisational purpose and function for compliance requirements.
- Analyse broad social context in which the organisation operates to determine community expectations.
- Determine the principal areas of risk requiring information strategy
- Determine the information system requirements for each business function
- Analyse risks, liabilities and regulatory requirements.
- Document and communicate identified requirements as evidence to be captured as records.
- Formulate information system specifications from the evidence requirements.
- Determine information security requirements.
- Determine specifications for information systems security measures.
- Establish information systems framework for organisation
- Develop and communicate an overview of responsibilities for information management within the organisation.
- Define responsibilities and authorities in relation to regulatory requirements.
- Define information management responsibilities and rights for each business function.
- Integrate identified risks and liabilities managed by information systems.
- Define, assign and document levels of accountability and responsibility within the framework.
- Formulate and document security procedures for information systems.
- Obtain approval for framework