One of the first steps in implementing an Information Management Program involves auditing your agency’s information assets.  An information asset audit enables compliance with the following behaviours of the Information Management Standard:

• Behaviour 1.1: identify what information assets your agency holds
• Behaviour 1.3: ensure information assets are linked to business functions and activities, and
• Behaviour 4.1: create and keep full and accurate information assets appropriate to their business processes, regulatory environment and risk and accountability requirements.

Information Asset Register template

In collaboration with the Office of the Chief Information Officer, we have developed an Information Asset Register (IAR) template combined with the Cyber Information Asset Register to assist agencies collate relevant information.

As an added bonus, data entered into the IM register will auto-populate the relevant fields in the Cyber Information Asset Register tab, a tool to assist agencies manage their Cyber Security Program. The template has been designed to ensure consistent data is entered across both Information Management and Information Technology teams and helps promote internal communication and understanding.

The IAR template is not mandatory, nor has it been developed to override any existing registers used in your agency. However, it can be used to inform and/or improve the data captured in any registers currently in use.

Alternatively, you can add, remove or hide columns from this IAR template to suit your agency’s own business use (but please be mindful of the fields connected to the Cyber IAR, marked with an asterisk on the IM IAR).

More information about conducting an information asset audit can be found in section 1 of our Information Governance Guideline.