View Document

Records Management Policy

This is the current version of this document. To view historic versions, click on the 'Historic Versions' tab above.

Section 1 - Summary

(1) This Policy provides a basis for Victoria University (VU) to create and maintain accurate, authentic, reliable and usable records which support and provide evidence of the University's functions.

Top of Page

Section 2 - HESF/ASQA/ESOS Alignment

(2) HESF: Standard 7.3 Information Management.

(3) Standards for Registered Training Organisations (RTOs) 2015 (Cth): Standards 6 and 8 and Schedule 5.

Top of Page

Section 3 - Scope

(4) This Policy applies to:

  1. All staff and contractors employed or engaged by VU, council members, honorary, adjunct or visiting academics, and volunteers.
  2. All University records, regardless of format, including electronic records.
Top of Page

Section 4 - Definitions

(5) Nil

Top of Page

Section 5 - Policy Statement

(6) Quality educational and research programs, and effective University administration, are dependent on the University creating and maintaining accurate and comprehensive records. Records provide the University with a corporate memory, which enhances decision making, improves our ability to engage with students and stakeholders, and mitigates risk. Records maintain evidence of actions and decisions, and safeguard the legal rights of students, stakeholders and the University. Managing these records well strengthens organisational accountability and supports the implementation of the University's strategic plan.

(7) VU's records management program will be carried out with reference to the following principles:

VU Records have Legal Status and Weight

(8) Under the Public Records Act 1973 (Vic), VU's records are public records of the State of Victoria, and must be managed in accordance with standards issued under that Act.

(9) All records created or received in the course of University business are the property of VU. Records must not be removed from VU premises, deleted, destroyed or otherwise disposed of except in accordance with this Policy and its associated procedures.

Creation of Records

(10) All staff are responsible for creating accurate and complete records of their VU related activities. Records must be created to document all VU related activities, decisions and commitments (including oral decisions and outcomes of meetings or telephone conversations).

Capture of Records

(11) Records must be captured in designated corporate systems. Systems will only be designated as corporate systems if they can guarantee that records are reliable and authentic, appropriately secure, able to be located, retrieved and used, and maintained for as long as they are needed. Corporate systems must be able to export records and metadata in a usable format.

Organisation of Records

(12) Within corporate systems, records must be organised in accordance with VU's Business Classification Scheme. Records regarding the same function, activity or matter should be filed together, or linked or related to each other.

Storage of Records

(13) Managers are responsible for ensuring that records storage areas for physical records and electronic records under their control are secure and protected from accidental damage (such as damage caused by fire, water, mould or vermin). This includes records stored in office areas. For advice on storage areas, contact Records and Archives Services.

(14) Records held in corporate systems are stored securely, and are subject to regular back up and disaster recovery processes in line with the Information Security Policy.

(15) The location and movement of physical records must be tracked, to ensure that records can be easily located when required. This also ensures that a history of the use of the record is maintained. Methods for tracking records are outlined in the Records Management - Physical Records Storage Procedure.

(16) Records no longer in active use should be moved out of office areas and into dedicated storage areas in accordance with the Records Management - Physical Records Storage Procedure.

Access and Security

(17) All VU staff should be able to access university records, unless they are restricted records (see Records Management - Access to Records Procedure).

(18) Managers must identify restricted records within their area, and ensure that access to these records is only provided to staff with a clear business need to access the information.

(19) Managers must ensure that all records are adequately secured and protected from unauthorised access. All staff are responsible for complying with access rules (see Records Management - Access to Records Procedure) and maintaining security. For advice on security of records, contact Records and Archives Services.

(20) Managers must ensure that appropriate access permissions exist for records held within business systems under their control.

Disposal of Records

(21) Destruction of University records must comply with all legal requirements. In particular, records must not be destroyed until the end of the minimum retention period specified in the Business Classification Scheme. More information can be found in the Records Management - Disposal of Records Procedure.

(22) Records which may be required for any legal action (including cases which have not yet begun, but which are reasonably foreseeable) must not be destroyed until the completion of that legal action, including appeals.

(23) Records must be destroyed by secure and irreversible means. Refer to clause (16) of the Records Management - Disposal of Records Procedure.

(24) Managers are responsible for ensuring that records are disposed of regularly and systematically, in accordance with the Records Management - Disposal of Records Procedure. In particular, the disposal process must include a check to ensure that there is no need for the records to be retained, authorisation by the Manager of the area responsible for the records, and use of the Destruction of Records Authorisation form. For guidelines and advice on disposal requirements contact Records and Archives Services.

(25) Records that are designated as permanent in the Business Classification Scheme must be transferred to the University Archives once they are no longer in active use. Refer to clause (14) of the Records Management - Disposal of Records Procedure.

Top of Page

Section 6 - Procedures

(26) Records Management - Access to Records Procedure

(27) Records Management - Disposal of Records Procedure

(28) Records Management - Physical Records Storage Procedure