October 13 is International Day for Disaster Risk Reduction.
Damage to, or loss of, your agency’s information assets as a result of a disaster/incident could mean that your agency is unable to operate effectively or at all, meet current or long-term legal requirements, or community expectations.
Under the section 13 of the State Records Act, your agency must ensure that its information assets are maintained in good order and condition.
This includes implementing both a Business Continuity Plan (BCP) and an Incident Management Plan for Information Assets to enable information to remain secure, reliable, accessible, and available, used and retained for as long as needed.
While most agencies will have a robust Business Continuity Plan (BCP), information assets deserve particular consideration in any incident preparedness, this can be achieved through an Incident Management Plan for Information Assets (Incident Management Plan).
While a BCP will only be activated when your agency’s critical services are affected, an Incident Management Plan can be activated for any type of incident that threatens your agency’s information assets, e.g. damage or loss.
Such as a minor incident such as the flooding of a filing room or a contained service outage.
The Incident Management Plan may be used by your agency to minimise potential impacts to information assets by supporting adequate incident preparation, planning, response and recovery.
This will help enable your agency’s information to remain secure, accessible, and available, used and retained for as long as needed.
State Records is currently reviewing its Disaster Recovery Toolkit. The Toolkit will be replaced with a new Guideline called Incident Management Plan for Information Assets.
Public consultation on the new Guideline will commence in the coming months.