IM Maturity Development Resource Template
IM Maturity Development Resource Template
IM Maturity Development Resource Template
Assessment Date
<enter date of assessment>
Accountable Officer:
<enter name>
<enter job title>
<enter business unit>
<enter department name>
<enter phone number>
<enter email address>
IM Maturity Development Resource by the Public Sector ICT Development Office is licensed under a Creative Commons Attribution
licence. To view a copy of this licence, visit:
http://creativecommons.org/licenses/by/2.5/au
Permissions may be available beyond the scope of this licence. See:
www.qgcio.qld.gov.au.
rial
or ICT Development Office is licensed under a Creative Commons Attribution 2.5 Australia
s licence. See:
Access Management
Recordkeeping
Record Archiving Conservation &
Management Preservation
Record Creation & Retrieval & Access Digital Continuity System Acquisition,
Capture Development and
Management
Collection Retention &
Management Disposal
Incident Management
Data Management
Data Modelling Data Quality & Data Capture
Business Continuity
Integrity
Management
Data Integration Data Cleansing Data Migration
Compliance
Redress Data Data Conversion Management
Mechanisms De-Duplication and Transformation
0 0 0
0
GOVERNANCE ASSET MGMT ACCESS & ACCESSIBILITY
DOMAINS
GOVERNANCE DOMAIN
5
Information Governance requirements
4
100%
3 80%
2 60%
40%
1
20%
0 0 0 0 0 0 0
0 0% 0% 0% 0% 0% 0% 0%
0%
maturity 0
Overall % per sub-domain
MATURITY LEVELS
4
80%
3
60%
2
40%
1 20%
0 0 0 0 0% 0% 0% 0%
0 0%
Registration Custodianship Classification Metadata Registration Custodianship Classification Metadata
INFORMATION ASSET MANAGEMENT SUB-DOMAINS Sub-domains
MATURITY LEVELS
80%
4
60%
3
40%
2
20%
1
0% 0% 0% 0% 0% 0% 0% 0% 0% 0%
0 0 0 0 0 0 0 0 0 0 0%
0
Information governance is the system by which the current and future use of information and its management is directed and controlled.
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised
Select ONE group of statements that you believe BEST describes your department's Information Planning environment by placing an "x" in the appropriate column
STRATEGY & PLANNING
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE group of statements that you believe BEST describes your department's approach to developing information management policies and procedures by placing an "x" in the appropriate column.
Information principles and policy development Information principles and policy development
Development of information principles and
Most information principles and policies are in process is reviewed as part of a responsive and deployment cycle is fully established.
Information principles and policies are only policies is managed and in place. QGEA
place. Compliance with QGEA compliance is policy development cycle. Development Process and work products performance and
partially developed. Minimum compliance with compliance is complete. Some measurement
largely achieved. Policy development process processes for policy products is managed end- measurement is fully achieved. Process
QGEA requirements occurs. Documentation is processes are in place. Accountability process
is partially achieved and documented. Policies to-end. Measurement of policy process measurement of policy environment is fully
inconsistent. Resourcing policies are not in for work product development is partially
POLICY, PRINCIPLES & ARCHITECTURE
Principles & Policies use. for resourcing have a focus for Business As effectiveness is largely achieved. Resourcing achieved. Resourcing policy integrated
achieved. Resourcing policy is linked to
Usual operations. policy integrated strategic planning and budget strategic planning and budget process.
strategic planning.
process. Findings are used to improve policy cycle.
Requirements to reach Level 1 maturity Requirement to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE group of statements that you believe BEST describes the architectural environment for information in the department by placing an "x" in the appropriate column
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE statement that you believe BEST describes the departments approach to IM workforce management activities across the department by placing an "x" in the appropriate column
WORKFORCE MANAGEMENT
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE group of statements that you believe BEST describes the departments approach to managing information risks by placing an "x" in the appropriate column
Mandated policies, processes and procedures Process to ensure business and administrative
Processes for risk management, business
RISK MANAGEMENT
for the risk management, business continuity processes address risk, continuity and disaster
Process to establish overall roles and continuity and disaster recovery of business
There are few governance processes in place and disaster recovery of information assets are recovery of information are fully achieved.
accountabilities in place and operating. information assets accountabilities are in place
to ensure to accountability for risk fully achieved. Compliance processes are fully Compliance processes are fully achieved and
Process to ensure compliance process is and fully achieved. Compliance processes for
management planning. Risk management achieved. Risk management and disaster regularly applied. Performance review findings
largely in place. Risk management planning all relevant aspects of risk management is
planning completed only for business critical recovery planning completed and tested for all reported to governance body for action as part
completed for most assets and processes. established. Planning processes are tested.
Risk Management assets. Compliance process meets minimum information assets. Process to apply of overall planning process. Risk management
Disaster planning processes focussed on key Some performance review processes are in
IS18 business continuity requirements. performance review findings on risk and disaster recovery are aligned with overall
information assets. place. Disaster recovery planning is largely in
management and disaster recovery are fully agency ICT Strategy and IM Work Plans.
place.
achieved. Optimisation is continuing.
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE group of statements that you believe BEST describes how the department manages the quality of its information assets by placing an "x" in the appropriate column.
QUALITY MANAGEMENT
Regular review and updating of planning Processes routinely reviewed to validate and
Governance processes for quality
policies and procedures occurs. Performance improve quality management processes and
Limited governance process in place to management policies and procedures are fully
Governance processes for the information management of work products established. establish value to the organisation. Processes
establish standards, protocols and procedures achieved. Review processes for key policies in
assets quality management are largely Processes to ensure work products are fit for and work products are benchmarked against
for the quality management of its information place. Quality management processes are
achieved. purpose are largely achieved. Reporting to best practice. Regular reporting on quality
Quality Management assets. partially achieved. Performance measurement
governance body on significant quality management issues to improve organisational
to a specified level is partially achieved.
management issues. effectiveness.
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Select ONE group of statements that you believe BEST describes your departments approach to information management governance across the department by placing an "x" in the appropriate column
included in all business units programs in process and work products reviews as basis
processes are in place. Accountabilities, role Management Work Plan, are assigned. product development processes of the
place. Management and reporting process in for continuous improvement and informing IM
and responsibilities are identified. Limited IM Processes to ensure awareness raising is departmental IM Work Plan is fully achieved.
Governance place to evaluate, monitor performance and agenda fully achieved. Resourcing process to
awareness programs in place. applied consistently to all information Performance monitoring and reporting on
Processes establish effectiveness are largely achieved. include IM activities as integral part of overall
management staff. Reporting processes for significant IM activities is partially achieved.
Review findings are used to improve budgeting process fully achieved. Information
planning processes are focussed on short term Coordinated IM awareness and programs are
effectiveness of governance processes. IM Management awareness built into all staff
significant information management issues. available to all staff.
awareness programs assessed for relevance induction program fully achieved .
and effectiveness and updated as necessary.
Requirements to reach Level 1 maturity Requirements to reach Level 2 maturity Requirements to reach Level 3 maturity Requirements to reach Level 4 maturity Requirements to reach Level 5 maturity
Reasons/evidence
Reasons/evidence
Reasons/evidence
Reasons/evidence
Reasons/evidence
Reasons/evidence
Information Asset Management is concerned with valuing and managing information assets with the
same rigour as that applied to other strategic assets.
Level 1 - AdHoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
Select ONE group of statements that you believe BEST describes how the department manages its information assets by placing an "x" in the appropriate column Reason/evidence
An agreed template for an information asset approved and mandated across the There are processes to identify and manage
provision and services and is published across
There are few processes in place to identify register(s) is established. Some custodians department. Processes are defined to track additional information assets. Register(s)
government. Internal and external use and
and register information assets. Informal are nominated to manage information assets. and manage information assets over their become single sources of truth and used to
reuse of information assets is evident.
arrangements are in place to manage some There is limited exposure of information asset lifecycle. Access to information asset inform IM planning initiatives. Established
Established processes for resourcing based on
Registration business critical information assets. register(s) across the department. Resourcing register(s) promoted and widely available processes for funding and resources are in
planned prioritisation and analysis of IM plans.
is at the operational level only. across the department. Resources are in place. Performance metrics implemented.
Analysis of performance indicators to support
place to maintain the register(s).
business improvement and forward planning.
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the custodianship for information assets is managed in the department by placing an "x" in the appropriate column Reason/evidence
CUSTODIANSHIP
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages its information classification requirements by placing an "x" in the appropriate column. Reason/evidence
CLASSIFICATION
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department uses and manages metadata by placing an "x" in the appropriate column Reason/evidence
METADATA
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Information Asset Access and Use Management is concerned with how information is to be accessed, exchanged and used, by whom and on what terms.
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
Select ONE group of statements that you believe BEST describes how the department makes its information available by placing an "x" in the appropriate column Reason/evidence
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages information accessibility issues by placing an "x" in the appropriate column Reason/evidence
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of one statements that you believe BEST describes how the department manages information licensing by placing an "x" in the appropriate column Reason/evidence
LICENSING & RIGHTS
MANAGEMENT
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages copyright use management placing an "x" in the appropriate column Reason/evidence
COPYRIGHT
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages IP by placing an "x" in the appropriate column Reason/evidence
INTELLECTUAL PROPERTY
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages the discoverability of its information by placing an "x" in the appropriate column Reason/evidence
DISCOVERABILITY
SEARCH &
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages the release and publishing of information by placing an "x" in the appropriate column Reason/evidence
consistent and client focused view of the consistent and client focused view of the analyse the information obtained during the
consistent and client focused view of the of the Queensland Government and of
Queensland Government and complies with Queensland Government and complies with reviews of the website to continually improve
Queensland Government and complies with complying with the Queensland Government
the Queensland Government Corporate the Queensland Government Corporate systems, processes and skills to maximise
the Queensland Government's Corporate Corporate Identity. The department is
Identity. The department facilitates routine Identity. The department facilitates routine access to information. It seeks to investigate
Publishing Identity. The department is commencing to developing processes which facilitate some
disclosure and active dissemination of disclosure and active dissemination of emerging technologies with a view to
facilitate the routine disclosure and active routine disclosure and active dissemination of
information. information. The department performs risk enhancing the effectiveness of the website.
dissemination of information. information.
assessments.
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes how the department manages information exchanges with other parties by placing an "x" in the appropriate column Reason/evidence
The department has commenced documenting processes for use when exchanging and processes to promote the exchange of
Government agencies and third parties. processes for managing information exchange
policies or processes for exchanging information with other Government agencies information. There is a central register where
Relevant legislation is taken into account when and the findings are used for continuous
information with other Government and third parties. This processes takes into all information sharing agreements are
exchanging information and adheres to improvement of information exchange
Exchange departments or third parties. consideration the departments legislative published and information exchange is
standardised approaches to information governance and processes.
obligations. managed centrally.
sharing (i.e. National Government Information
Sharing Strategy).
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that BEST describes how the department manages the pricing and charging for its information products by placing an "x" in the appropriate column. Reason/evidence
policy for its information, if a charge is being which sets out a transparent and consistent The department has processes in place to
The department is commencing to develop a The findings from the review of the charging
made for any information, The department is charging regime with the criteria for pricing regularly review its charging regime and policy.
consistent charging policy, if a charge is being regime and policy are used as part of a
commencing the process of listing any charges decisions and it is publicly available. The Charges listed in the department's information
made for any information. continuous improvement regime.
Pricing which will be applied to information assets in department's information asset register asset register are reviewed regularly .
its information asset register. identifies those information assets where
charges apply.
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Select ONE group of statements that you believe BEST describes the departments approach to managing the privacy of information by placing and 'x' in the appropriate column Reason/evidence
and has developed some documented the privacy of information held in its care and information held in its care. The department
development of a consistent policy and/or policy. All business and administrative policies
processes for managing the privacy of managing privacy complaints and privacy reports and monitors breaches of privacy and
processes to ensure the protection of private and processes must address information
information held in its care and managing breaches. The department has achieved has processes in place to ensure that this data
Privacy information held in its care. privacy management issues.
privacy complaints and privacy breaches. compliance with the Information Privacy Act is used to inform department privacy policies
2009. and processes. This data is used to update the
information privacy policy.
Requirements for Level 1 Requirements for Level 2 Requirements for Level 3 Requirements for Level 4 Requirements for Level 5
Information Governance is the system by which the current and future use of information and its management is directed and controlled.
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
Requirement at LEVEL 1 Requirements at LEVEL 2 Requirements at LEVEL 3 Requirements at LEVEL 4 Requirements at LEVEL 5
INFORMATION PLANNING ENVIRONMENT INFORMATION PLANNING ENVIRONMENT INFORMATION PLANNING ENVIRONMENT INFORMATION PLANNING ENVIRONMENT INFORMATION PLANNING ENVIRONMENT Reason/evidence
INFORMATION PLANNING ENVIRONMENT
Departmental information planning is carried out Information planning aligns with the development of Information planning is integral to the departmental
Departmental information planning is underway. Departmental information planning is coordinated.
annually. the ICT Resources Strategic Plan. planning process.
Yes
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Information Planning Environment 0%
POLICIES AND PRINCIPLES POLICIES AND PRINCIPLES POLICIES AND PRINCIPLES POLICIES AND PRINCIPLES POLICIES AND PRINCIPLES Reason/evidence
Documentation of relevant information policies and The information policy program of work is reviewed on The information policy program of work is continuously
Documentation of some relevant information policies, Documentation of most relevant information policies
standards is part of an ongoing information policy a regular basis to ensure currency of information improved and aligned with departmental policy
standards and procedures is underway. and standards is underway.
program of work. polices and standards. planning.
Documentation of some relevant information polices Documentation of most relevant information polices Awareness sessions are provided on any new or Strategies to raise the awareness of information
Documentation of all relevant information polices and
and standards is available across information and standards is available across information reviewed information polices and standards across polices and standards within the department are
standards is available for use across the department.
management units. management units. the department. continuously improved.
Some dedicated resources to meet priority Resources for information policy development are Resources needed to develop information policy are
Resources for departmental information policy Resources for information policy development are
departmental information policy needs are in place but allocated to respond to departmental information managed as part of the departmental planning
development are met on an 'as needs' basis. coordinated.
is not coordinated. policy needs. program.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Policies and Principles 0%
INFORMATION ARCHITECTURE INFORMATION ARCHITECTURE INFORMATION ARCHITECTURE INFORMATION ARCHITECTURE INFORMATION ARCHITECTURE Reason/evidence
Information architecture is revised based on the
Information architecture development is underway but Information architecture is planned and coordinated Information architecture is reviewed and used to
Information architecture development is underway. review findings to support greater alignment across
not coordinated. throughout the department. assist IM planning and business development.
the department.
INFORMATION ARCHITECTURE
Ad hoc Information architecture documentation is Some information architecture documentation is being Information architecture documentation has been Information architecture documentation is reviewed Information architecture documentation is incorporated
being developed. developed. developed. and updated regularly. in the departmental enterprise architecture.
Limited resourcing to support the early stages of Some resources for information architecture are being Resourcing for information architecture is allocated Resourcing for information architecture is allocated There is dedicated resourcing for information
information architecture development is in place. allocated . based on departmental needs. based on planning requirements. architecture activities.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Information Architecture 0%
WORKFORCE MANAGEMENT WORKFORCE MANAGEMENT WORKFORCE MANAGEMENT WORKFORCE MANAGEMENT WORKFORCE MANAGEMENT Reason/evidence
WORKFORCE MANAGEMENT
IM workforce planning is carried out to meet the needs IM workforce planning is coordinated to meet IM workforce planning forms part of the IM planning
IM workforce planning occurs reactively. IM workforce planning is integrated into ICT planning.
of most business units. departmental requirements. process.
IM training for staff is ad hoc and based on individual Relevant IM training programs are made available to Regular reviews of IM training programs reflect Training programs are proactive and identify current
Limited IM training for staff is in place.
requests. staff as required. departmental needs and objectives and emerging requirements.
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Workforce Management 0%
RISK MANAGEMENT RISK MANAGEMENT RISK MANAGEMENT RISK MANAGEMENT RISK MANAGEMENT Reason/evidence
Information risk management policy is under Information risk management policy is reviewed and Information risk management policy is a subset of the
Information risk management policy is developed. Information risk management policy is published.
development. updated regularly departmental risk management policy
RISK MANAGEMENT
Relationship between information risk management Information risk management planning occurs in the Information risk management planning takes into Information risk management includes provision for Findings of information risk management are reviewed
and information security is acknowledged. context of information security (IS 18) requirements. account information security planning. information security within planning process. regarding information security.
Risk management documentation is complete for Risk management documentation is complete for all
Some risk documentation is in place but for business Risk management documentation is in place for Risk management documentation is available to all
most information assets across the organisation but information assets is consistent and accessible to all
critical information assets. business critical information assets . staff and aligned with information security planning.
held at individual locations. staff.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Risk Management 0%
QUALITY MANAGEMENT QUALITY MANAGEMENT QUALITY MANAGEMENT QUALITY MANAGEMENT QUALITY MANAGEMENT Reason/evidence
Governance processes to ensure consistent Governance processes to ensure effective information Reviews of mandated quality management policies Findings of quality management review of policies,
Governance processes to ensure quality management
information quality management policies and quality management policies are in place across the protocols and guidelines are provided to governance protocols and guidelines are acted on by governance
occurs are adhered to across the organisation.
protocols are under development. organisation. body. body.
QUALITY MANAGEMENT
Standards, protocols on quality management are Standards, protocols on quality management exist Benchmarking of organisational quality management
Standards, protocols on quality management are Findings of quality management review of policies,
limited to business critical areas of information and are applied to all areas of information performance occurs as a means to evaluating
under development. protocols and guidelines are acted on.
management. management. effectiveness.
Quality management processes are focussed on Co-ordinated approach to quality management for Coordination approach to quality management of Coordinated approach to quality management is Review findings on quality management are applied to
business critical information assets. information assets is under development. information assets is in place in the organisation. reviewed for relevance and effectiveness. process.
Access to documentation on quality management is Access to documentation policies and protocols on All documentation on quality management policies A single point of reference for quality management
limited. quality management is available to all IM staff. and protocols is available to all staff. issues is established for the organisation.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Quality Management 0%
GOVERNANCE PROCESSES GOVERNANCE PROCESSES GOVERNANCE PROCESSES GOVERNANCE PROCESSES GOVERNANCE PROCESSES Reason/evidence
The information governance body reviews information
Formal information management governance roles The information governance body has been assigned The information governance body oversees the
Formal information governance roles and management work plan and considers review
and responsibilities have been assigned to an oversight of the development of the department's development and implementation of the departmental
responsibilities have been identified. recommendations in the light of emerging information
information governance body. annual information management work plan . information management work plan.
management issues and departmental direction.
Information governance body oversees the Information governance body reports to senior
Information governance body establishes information Information governance body ensures custodianship Custodianship delegations are reviewed regularly to
implementation/progress of custodianship in the executive management group on appropriate
asset custodian processes for the organisation. responsibilities are effectively undertaken across all ensure they reflect the needs of customers.
department. custodianship delegations
departmental information.
Information governance body ensures that information Information governance body approval for IM Information governance body commissions regular Information governance body uses review findings to
Information governance body approves information
awareness and training programs are promoted to all awareness and training programs are available for all performance reviews on effectiveness of information support wider human resource planning and
awareness and training programs.
IM staff. staff. awareness and training programs. management issues.
Basic information on staff obligations for information Relevant information on staff obligations for The department publishes staff obligations for Staff obligations for information management Information management skills and competencies are
management processes are provided during the information management processes are provided at information management processes on the processes are provided as part of regular training and included as part of the human resources recruitment
induction process. the business unit level. departmental intranet. awareness sessions. processes.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Governance domains Current maturity level 0
Department's overall % for Governance Processes 0%
Information Asset Management is concerned with valuing and managing information assets with the
same rigour as that applied to other strategic assets.
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
Requirements to meet Level 1 Requirements to reach LEVEL 2 Requirements to reach LEVEL 3 Requirements to reach LEVEL 4 Requirements to reach LEVEL 5
Click here for advice on the Information Asset Management domains Current maturity level 0
Departments overall % for Registration 0%
Information asset custodians are managing the Processes have been put in place to ensure that
Processes to identify information asset custodians Department has begun the process of identifying Information asset custodians have been assigned to
information assets which have been assigned to them information assset custodians are managing their
have been established. custodians for its information assets. the department's information assets.
. information assets.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Management domains Current maturity level 0
Departments overall % for Custodianship 0%
The department is classifying some of its information The department is classifying most of the information The department is classifying all the information The department is classifying the information assets The department is continually improving its
Classification
assets listed in its information asset register to the assets listed in its information asset register to the assets listed in its information asset register to the listed in its information asset register to other relevant information asset register by adding additional,
Information Portfolio Framework. Information Portfolio Framework. Information Portfolio Framework. classification schemes. relevant classifications.
The department is planning a training program on A training program on relevant classification schemes A training program on relevant classification schemes Evaluation of training program on relevant
A training program on relevant classification schemes
relevant classification schemes for information assets for information assets is being developed for for information assets is available regularly for classification schemes is used for ongoing
for information assets is available for identified staff .
to identified staff. identified staff . identified staff . improvement.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Management domains Current maturity level 0
Departments overall % for Classification 0%
The department is commencing the process of The department is including metadata tags for most of The department is including metadata tags for its The department is regularly reviewing the metadata The department routinely considers the addition of
including metadata tags in the departmental the information assets in the departmental information information assets in the departmental information tags which are applied to information assets in the additional metadata tags for the information assets in
information asset register. asset register. asset register. departmental information asset register. the departmental information asset register.
Metadata
Regular updates and reviews are provided to ensure The process for providing awareness of the
There is general awareness of the importance of
There is some awareness of metadata across the There is increasing awareness of the importance of the continued awareness of the importance of importance of metadata across the department for
metadata across the department for improving the
department for improving the management, visibility, metadata across the department for improving the metadata across the department for improving the improving the management, visibility, accessibility and
management, visibility, accessibility and
accessibility and interoperability of its information and management, visibility, accessibility and management, visibility, accessibility and interoperability of its information and services are
interoperability of its information and services.
services. interoperability of its information and services. interoperability of its information and services. regularly assessed based on the reviews.
Some departmental metadata records describing Departmental metadata records describing Departmental metadata records describing
The department is establishing the process of The department is implementing the process of information and service assets are lodged with or information and service assets are lodged with or information and service assets which are lodged with
ensuring that metadata records describing ensuring that metadata records describing made available for harvesting and indexing in made available for harvesting and indexing in or made available for harvesting and indexing in
information and service assets, are lodged with or information and service assets, are lodged with or appropriate whole-of-Government information appropriate whole-of-Government information appropriate whole-of-Government information
made available for harvesting and indexing in made available for harvesting and indexing in registers. registers are reviewed regularly. registers are improved based on the results of the
appropriate whole-of-Government information appropriate whole-of-Government information review.
registers. registers.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Management domains Current maturity level 0
Departments overall % for Metadata 0%
Information Asset Access and Use Management is concerned with how information is to be accessed, exchanged and used, by whom and on what terms.
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
Requirements to meet Level 1 Requirements to reach LEVEL 2 Requirements to reach LEVEL 3 Requirements to reach LEVEL 4 Requirements to reach LEVEL 5
The department has commenced the process of The department has some processes in place for The department has developed a framework for
The department has processes in place for making Data from the administrative and process reviews is
developing a framework for administrative release that developing a framework for administrative release that administrative release that covers formalised access
new information available and for releasing previously analysed and changes that meet the needs of users
covers formalised access schemes and other, more covers formalised access schemes and other, more schemes and other, more general, release of
unpublished information. are implemented in a timely manner.
general, release of information. general, release of information. information.
The department has commenced planning for ongoing An awareness program has been rolled out to ensure
The department provides some consultation and The department provides ongoing consultation and The feedback from the awareness program is used to
consultation and training to raise awareness of there is common understanding across the
training to raise awareness of proactive release. training to raise awareness of proactive release. continuously improve the awareness program.
proactive release. department about proactive release.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
ACCESS & ACCESSIBILITY
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
The department has policies and processes in place The department has processes in place to review The reviews undertaken of content design so that it
The department is ensuring that content design takes The department is ensuring that content design takes
to ensure that content design takes account of routinely content design so that it takes account of takes account of minimal file download times, for
account of minimal file download times, for customers account of minimal file download times, for customers
minimal file download times, for customers with lower minimal file download times, for customers with lower customers with lower bandwidth or poor
with lower bandwidth or poor telecommunications with lower bandwidth or poor telecommunications
bandwidth or poor telecommunications infrastructure, bandwidth or poor telecommunications infrastructure, telecommunications infrastructure, are analysed to
infrastructure, for some of their online content. infrastructure, for most of their online content.
for their online content. for their online content. inform a program of continuous improvement.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Accessibility 0%
LICENSING & RIGHTS MANAGEMENT LICENSING & RIGHTS MANAGEMENT LICENSING & RIGHTS MANAGEMENT LICENSING & RIGHTS MANAGEMENT LICENSING & RIGHTS MANAGEMENT Reason/evidence
The department has processes in place to ensure that The department analyses the results of the reviews of
The department has some processes in place to government information to be released is licensed The department regularly reviews the processes that the processes that are in place for the application of
The department is commencing the process of ensure that government information to be released is with one of the Government Information Licensing are in place for the application of licensing for its licensing for its information and revises them
LICENSING & RIGHTS MANAGEMENT
considering licensing as a way of releasing their licensed with one of the Government Information Framework licences or a licence (restrictive) which information. Reviews are conducted of departmental accordingly. The results of the reviews of the content
information. Licensing Framework licences or a licence (restrictive) supports the GILF policy benefits. Departmental websites to ensure they include GILF licence/s of departmental websites are analysed and innovative
which supports the GILF policy benefits. websites have been updated to include GILF covering all content. ways to ensure the content is licensed are
licence/s covering all new content. implemented.
The department is commencing the process of The department is incorporating the Government The departmental policy incorporating the Departmental policy incorporating the Government Departmental policy incorporating the Government
incorporating the Government Information Licensing Information Licensing Framework in some Government Information Licensing Framework is Information Licensing Framework is reviewed Information Licensing Framework is amended
Framework in some departmental policies departmental policies mandated. regularly and revised if appropriate. regularly based on the reviews if appropriate.
The department has commenced planning for ongoing The department is conducting ongoing consultation The training materials for GILF are regularly reviewed
The department is commencing to provide Information
consultation and training to raise awareness of GILF and training to raise awareness GILF so users to ensure they are up-to-date and available to users
about GILF to users to enable them to understand The training materials on GILF are available via the
for users so they understand Queensland understand Queensland Government’s use of GILF, so they understand Queensland Government’s use of
Queensland Government’s use of GILF, the Creative departmental intranet to all staff who are involved in
Government’s use of GILF, the Creative Commons the Creative Commons licences and the Restrictive GILF, the Creative Commons licences and the
Commons licences and the Restrictive Licence and to applying GILF licences.
licences and the Restrictive Licence and to recognise Licence and to recognise licence badges and other Restrictive Licence and to recognise licence badges
recognise licence badges and other licence markings.
licence badges and other licence markings. licence markings. and other licence markings.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Licensing & Rights Management 0%
COPYRIGHT USE COPYRIGHT USE COPYRIGHT USE COPYRIGHT USE COPYRIGHT USE Reason/evidence
715437776.xls
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
The department has developed and published an
The department is developing a IP/Copyright Use
The department is commencing to develop an IP/Copyright Use Policy which covers the relevant The department's IP/Copyright Use Policy is regularly The department's IP/Copyright Use Policy is revised
Policy which covers the relevant issues as outlined in
IP/Copyright Use Policy . issues as outlined in Principle 1 of the Use of reviewed based on feedback from users. based on regular reviews.
Principle 1 of the Use of Copyright Materials (IS46).
Copyright Materials (IS46).
and obligations. obligations relating to the IP/Copyright Use Policy. ensure they meet the needs of staff.
during induction training.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Copyright 0%
INTELLECTUAL PROPERTY INTELLECTUAL PROPERTY INTELLECTUAL PROPERTY INTELLECTUAL PROPERTY INTELLECTUAL PROPERTY Reason/evidence
The department has some processes for managing The department has an endorsed policy and The responsibility for managing the intellectual
The department ensures that the intellectual property
The department has no consistent policy and uses ad the department's intellectual property but they have processes in place which are consistent with the property policy and processes have been assigned to
management policy and processes are regularly
hoc processes for managing intellectual property. not been mandated and their application has been Queensland Public Sector Intellectual Property the appropriate officer. This officer will also provide
reviewed resulting in continuous improvement.
limited. Guidelines and are accessible to all staff. updates when new information becomes available.
There is sporadic awareness of how intellectual Staff are becoming more aware of intellectual property Staff are generally aware of intellectual property Staff understand intellectual property management
there is common understanding across the
property should be managed in the department. management issues and obligations. management issues and obligations. issues and obligations.
department about intellectual property-related issues.
The department does not provide information for the The department provides some information for the The department provides information for the The department promotes its information in the The department has processes in place to manage
Queensland Government Intellectual Property Queensland Government Intellectual Property Queensland Government Intellectual Property Queensland Government Intellectual Property intellectual property generated by public sector
Register. Register. Register and updates this information regularly. Register. employees or consultants in the course of their duties.
The department has not been assigned "beneficial The department has applied to be assigned The department has been assigned "beneficial use”
use” (the right to authorise another person/ "beneficial use” (the right to authorise another person/ (the right to authorise another person/organisation to
The department is beginning to exploit some of its The department is examining commercialisation
organisation to reproduce or utilise for commercial organisation to reproduce or utilise for commercial reproduce or utilise for commercial gain IP that an
intellectual property over $50,000. options for their intellectual property.
gain IP that an agency has created) by the gain IP that an agency has created) by the agency has created) by the Administrator (Crown
Administrator (Crown Copyright and other IP). Administrator (Crown Copyright and other IP). Copyright and other IP).
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Intellectual Property 0%
SEARCH & DISCOVERABILITY SEARCH & DISCOVERABILITY SEARCH & DISCOVERABILITY SEARCH & DISCOVERABILITY SEARCH & DISCOVERABILITY Reason/evidence
categorising its information assets. to categorise its information assets. vocabularies have been adopted in a coordinated
changes to the vocabularies and their use. maximise value in searching for information.
fashion.
The department is commencing to implement a The department measures the performance of its
The department is working towards having a website The department has a website search capability as The department has processes in place to continually
website search capability as required by the website search capability through user surveys,
search capability as required by the Queensland required by the Queensland Government's Consistent review its search capability and implement continuous
Queensland Government's Consistent User analyses the results and implements any changes that
Government's Consistent User Experience. User Experience. improvements.
Experience. are required.
The department is considering including Search all The department has commenced the process of
The department has Search all Queensland
Queensland Government as a link on the including Search all Queensland Government as a link
Government as a link on the department's website.
department's website. on the department's website.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Search & Discoverability 0%
The department complies with and ensures that its The department undertakes regular reviews of its
The department is commencing the process of The department analyses and applies the results of
The department is developing its website to ensure website remains no more than three minor version website to ensure that it complies with and remains no
ensuring that its website complies with the Consistent the reviews to ensure that its website complies with
that it complies with the Consistent User Experience. reviews in arrears with the Consistent User more than three minor version reviews in arrears to
User Experience. the Consistent User Experience.
Experience. the Consistent User Experience.
The department is commencing the process of The department undertakes regular reviews of its
The department is developing its website to ensure The department ensures that its website complies with The department analyses the results of the reviews to
ensuring that its website complies with the website to ensure that it complies with the
that it complies with the Queensland Government the Queensland Government Corporate identity, ensure that its website complies with the Queensland
Queensland Government Corporate identity, unless an Queensland Government Corporate identity, unless
Corporate identity, unless an exemption is granted by unless an exemption is granted by the Department of Government Corporate identity, unless an exemption
exemption is granted by the Department of Premier an exemption is granted by the Department of Premier
the Department of Premier and Cabinet. Premier and Cabinet. is granted by the Department of Premier and Cabinet.
and Cabinet. and Cabinet.
PUBLISHING
The department reviews its processes for the routine The department analyses the results of the reviews of
The department is commencing to put processes in The department is developing processes for the The department has put processes in place for the
disclosure and active dissemination of information to processes for the routine disclosure and active
place for the routine disclosure and active routine disclosure and active dissemination of routine disclosure and active dissemination of
ensure that information is being released in a timely dissemination of information to ensure that information
dissemination of information. information. information.
manner. is being released in a timely manner.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Publishing 0%
715437776.xls
Level 1 - Ad Hoc Level 2 - Repeatable Level 3 - Defined Level 4 - Managed Level 5 - Optimised Comments
EXCHANGE EXCHANGE EXCHANGE EXCHANGE EXCHANGE Reason/evidence
The department is commencing the process of The department is developing a mandated The department has a mandated governance The department monitors its performance through the Need to consider this one again.
developing a mandated governance structure and governance structure and authorisation process for structure and authorisation process for the exchange regular review of processes for the exchange of The department is proactive in seeking opportunities
authorisation process for the exchange of information the exchange of information with other Government of information with other Government agencies and information. There is a central register where all for exchanging information.
with other Government agencies and third parties. agencies and third parties. third parties. information sharing agreements are published .
The department provides regular training and The department continuously improves its training and
The department is commencing to ensure that The department is developing ways of ensuring that The department reviews its training and awareness
awareness sessions for relevant staff so they are awareness programs for relevant staff so they are
relevant staff are aware of the processes and relevant staff are aware of the processes and programs for relevant staff and makes changes based
aware of the processes and opportunities to share aware of the processes and opportunities to share
opportunities to share information. opportunities to share information. on these reviews.
information. information.
The department is commencing to develop processes The department is developing processes to ensure The department ensures that relevant staff are aware
The department ensures that relevant legislation is relevant legislation is being taken into account when
to ensure that relevant legislation is taken into account that relevant legislation is taken into account when of and continually monitor the ways relevant
taken into account when exchanging information, such exchanging information, such as the Information
when exchanging information, such as the Information exchanging information, such as the Information legislation is taken into account when exchanging
as the Information Privacy Act 2009. Privacy Act 2009 and reports any breaches around
Privacy Act 2009. Privacy Act 2009. information, such as the Information Privacy Act 2009.
the exchange of information.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Exchange 0%
The department has commenced developing a The department is developing a charging policy for its The department has developed a charging policy for The department has processes in place to regularly The findings from the review of the charging regime
charging policy for its information, if a charge is being information, if a charge is being made for any its information, if a charge is being made for any review its charging regime and policy to ensure that it and policy are used to refine and develop the charging
made for its information. information. information. reflects any relevant policy changes. policy.
PRICING
The department has commenced the process of listing The department is in the process of listing any The department has listed any charges which will be Charges listed in the departmental information asset The findings from reviews of the charging regime are
any charges which will be applied to information charges which will be applied to information assets in applied to information assets in its departmental register are reviewed regularly to ensure that they reflected in the charges listed in the departmental
assets in its departmental information asset register. its departmental information asset register. information asset register. reflect any changes to the policy . information asset register.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Pricing 0%
The department has commenced the process of The nominated officer formally assigned the
The department has identifyied an officer in the The nominated officer formally assigned the
identifying an officer in the department who is The department has a nominated officer formally responsibility for agency compliance with or
department who is responsible for agency compliance responsibility for agency compliance with or
responsible for agency compliance with or assigned the responsibility for agency compliance with overseeing the Information Privacy Act 2009 has been
with or overseeing/managing the Information Privacy overseeing the Information Privacy Act 2009
overseeing/managing the Information Privacy Act or overseeing the Information Privacy Act 2009. provided with ongoing training about their obligations
Act 2009. continually monitors the performance of the Act.
2009. under the Act.
The department has commenced the process to The results of the review of the department's
The department is developing a process to assess the The department has implemented processes to The department is reviewing its processes to ensure
assess the reason for the collection of personal processes which ensure that personal information is
reason for the collection of personal information and ensure that personal information is accurate and up- that personal information is accurate and up-to-date
information and the security safeguards for this accurate and up-to-date are analysed and the
the security safeguards for this personal information. to-date before it is used. are reviewed regularly.
personal information. processes are continually improved.
The department has commenced planning to cover The department is developing a process for covering Information privacy is addressed in department Awareness programs are provided via the agency's
Awareness programs are continuously reviewed to
information privacy issues in department induction information privacy issues in department induction induction training and the policy is available to all staff. intranet, in-house seminars and, for new employees,
ensure that they meeting the needs of staff.
training. training. during induction training.
Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0% Level 1 requirements not met 0%
Click here for advice on the Information Asset Access and Use Management domains Current maturity level 0
Department's overall % rating for Privacy 0%
715437776.xls
TOOLS
GOVERNANCE TOOLS Information Management Maturity Levels
QGEA Foundation Principles Source: Adapted from Capability Maturity Model (maturity level titles) and META Group's Information Maturity Model (maturity level descriptors)
QGEA Information Management Policy Requirements Checklist
Queensland Government Information Management Policy Framework Definitions
IM Workforce Management UK Government Information Management Professional Skills framework Click here for the Glossary on the QGCIO website
http://www.archives.qld.gov.au/downloads/InfoManSkills_ActionPlan.pdf
Information and IM Risk
Asset Lifecycle
Management
Information and IM Quality
Asset Lifecycle
Management
Implementing Information Governance Guidelines
Information Policy Requirement 1