In the technology world, frequently what forms the record will not remain unless
there is very conscious appraisal, design and management. This is illustrated by the
following scenario. An organisation uses a business application to process and assess
clients' rights for a specific entitlement. The system is regularly updated and all
changes and updates must be traceable and accountable. The process is contentious
and subject to appeal. The ultimate product and long term record of the system is the
final list of clients and their relevant entitlements. However, given the
contentiousness of the process, this list of clients and entitlements is ultimately only
defensible if kept in combination with evidence of the system's internal
mechanisms for workflows, assessments and approvals, as these are integral to
establishing the validity and accuracy of the list itself. The complete record of this
activity is therefore not just the list of clients, it is also the metadata, workflows,
users, approvals and audit trails that evidence and account for how the final list of
client entitlements was compiled. This is the record necessary to respond to any
challenges to the list's accuracy and validity. Without proactive definition of
recordkeeping needs however, it is unlikely that all these components will be
maintained as a part of the ongoing record.
In the rapidly changing technological environment where migration of systems is
dictated by vendors' timetables, maintenance of both data and records for business
needs is not guaranteed, let alone preservation for continuing access beyond the
organisation's boundary where there are community interests to be considered.
If the proactive appraisal is not undertaken by the design stage so that record design
and definition of retention periods can be incorporated into the application, then
migration or upgrades of software become significant business risks.
Outsourcing of the provision of services and use of cloud-based IT services further
compounds the risk that neither information nor records will be accessible or retain
their meaning for as long as they are needed. Identification of the record, retention
and preservation requirements and of the stakeholders' needs after the immediate
business use are elements of the recordkeeping analysis not necessarily recognised
by system designers. Understanding ongoing requirements through proactive
appraisal is especially important when the issues of records creation, access and
control are exacerbated by the blurring of the boundary between government agency
and private enterprise, as government activities are increasingly outsourced to the
private sector.
Additionally, management of personal information in compliance with
jurisdictional privacy laws and good customer relations cannot be bolted onto the
service application after implementation. It must be identified in the design and
development phase, documented in the analysis of access permissions and
accounted for in the system rules for retention and post factum use of information.
In the world of 'big data', the accumulation and combination of personal
information in systems and organisations constitute significant risks if privacy
requirements are not adequately identified and managed. Privacy by design and
preservation by intent are two of the contemporary watchwords to ensure new
systems and services have robust transactional recordkeeping to meet all appropriate
organisational needs. Proactive appraisal offers strategies for dealing with these and
other challenges created by the transition to the digital world.
The theory and practice of proactive appraisal was developed in Australia in the
1970s and 1980s, in response to high rates of administrative change in government
agencies and high volumes of current records.
In the first Australian records management standard, AS4390, appraisal was defined
as: the process of evaluating business activities to determine which records
need to be captured and how long the records need to be kept to meet business needs,
the requirements of organisational accountability and community expectations'.1
The basic elements of proactive appraisal - understanding the recordkeeping
requirements of business activity - are not essentially different from the standard
approach to the appraisal of records after creation. What differs is the proactive
focus, which is essential when dealing with dynamic business and technological
contexts.
The context of records creation today consists of systems and services. Provenance,
content and context are as much centred in these technological environments as
they are in the organisational, activity, client and service environments. Records
have become indivisible from the systems they are part of, and record creation,
design and management need to become a component of system design.
In this system and service context, the basic elements of proactive appraisal are:
1. Identify the context of the business activity, including the nature of the
organisation, the scope of the activity and the legal framework/s,
compliance needs and risks applying to the activity.
2. In relation to the activity, identify the legal, business and community
requirements that need to be supported by the making and keeping of
records.
3. Identify the technical context of the activity, including system/s and other
environments where the activity is transacted and identify any
recordkeeping gaps.
4. Define how data and information should combine to provide an ongoing
record of the activity, including identifying how and where data is or should
be generated, how it changes or grows through the transaction of the
activity, and the metadata required to support, evidence and contextualise
the records of the activity.
5. Document these requirements and definitions, including those relating to
metadata and to rights of access and amendment.
6. Repeat the assessment process if aspects of the activity, its technological,
legal, business or community contexts change.2
Proactive appraisal allows recordkeepers to engage and to build the records that
businesses and communities will require now and into the future. Through its
analysis that encompasses technological context, proactive appraisal can enable a
range of outcomes including the:
selectie ii
56
kate cumming en anne picot appraisal in 2016: Australian perspectives on
digital drivers and directions
1 Records Management: Australian Standard AS4390-1996/Standards Australia (Homebush, N.S.W: Standards
Australia 1996), Part 1,8.1). This understanding of appraisal has since been developed and incorporated
into the revised international records management standard, ISO 15489:2016 and adopted into much
contemporary practice.
2 These elements were originally incorporated in: the Australian DIRKS methodology outlined in AS4390
(1996); International Standards Organization, ISO 15489:2002, Information and Documentation - Records
Management - Part 2: Guidelines and International Standards Organization, ISO 30301: 2011, Information and
Documentation: Management systems for records: Requirements, Annex A, 'Objectives and controls for records
processes'. The DIRKS methodology is comprised of eight steps: Step A - Preliminary investigation; Step B -
Analysis of business activity; Step C - Identification of recordkeeping requirements; Step D - Assessment of
existing systems; Step E - Identification of strategies for recordkeeping; Step F - Design of a recordkeeping
system; Step G - Implementation of a recordkeeping system; Step H - Post implementation review.
57