The following Implementation Guide should be read in conjunction with An Approach to Managing Internet and Intranet Information for Long-term Access and Accountability. Together, the two documents respond to the need for government-wide direction on managing records and publications within departmental networked facilities, including the Internet, intranets and extranets. The Information Management (IM) Forum Internet and Intranet Working Group prepared both documents on behalf of the IM Forum.
The documents amplify the Government of Canada Internet Guide, which can be found at <http://www.tbs-sct.gc.ca/ig-gi/index_e.asp>.
The Approach and Implementation Guide represent almost a year of work by the Working Group, which first met in April 1998. The initial objective of the Group was to provide "an articulated common approach to record keeping on the Web." In determining how best to do so, the Working Group looked at several critical questions, not the least of which is, "When is information on a Website published information and when is it a government record?" In addressing this issue, the Working Group has focussed on two requirements: capturing records as evidence of business activity and managing long-term access to published information. By approaching the issue this way, we feel we can jointly mobilize the strengths of both the library science and records management disciplines, on behalf of our clients.
The documents will likely evolve over time as our understanding of the relevant management issues take shape. In the meantime, both the Approach and the Implementation Guide provide a broad framework for developing institution-specific solutions and helping the government as a whole effectively manage networked information both for long-term access and accountability.
We encourage written comments about this document. Please send them to the Chair of the IM Forum.
Government Information Management Office
Library and Archives Canada
You can obtain a copy of An Approach to Managing Internet and Intranet Information for Long-term Access and Accountability from the following address:
Government Information Management Office
Library and Archives Canada
The IM Forum Internet and Intranet Working Group prepared this Implementation Guide and the Approach to Managing Internet and Intranet Information for Long-term Access and Accountability. Contributing members of the Working Group include the following people:
Suzanne Beaudoin, Public Works and Government Services Canada -- Canada Site
Nancy Brodie, National Library of Canada
Tina Cacciato, Human Resources Development Canada
Fernand Comeau, Health Canada
Diane Crouse, Foreign Affairs and International Trade Canada
Sharron Curley, Public Works and Government Services Canada
Judy David, Public Works and Government Services Canada -- Publiservice
Jerry Donoghue, National Archives of Canada
Greg Eamon, National Archives of Canada
Nora Fontaine, Foreign Affairs and International Trade Canada
John Fysh, Department of National Defence
Julia Goodman, Agriculture and Agri-Food Canada
Sue Hanley, Indian and Northern Affairs Canada
Lark Hodgins, National Capital Commission
Dan Lemieux, Office of the Solicitor General
Jim Lowe, Industry Canada
Doug McDonald, Health Canada
Paul McLaughlin, Department of National Defence
Andrew Morgan, National Archives of Canada
Rosemary Murray-Lachapelle (Chair), National Archives of Canada
Marilyn Sullivan, Indian and Northern Affairs Canada
Craig Taylor, Department of Canadian Heritage
Melissa Teasdale, Public Works and Government Services Canada
Donna Warren, Department of Canadian Heritage
Special thanks are also extended to the following people for their contribution:
Helen Apouchtine, Human Resources Development Canada
Diana Dale, Department of Canadian Heritage
Cecil Somerton, Canadian Coast Guard
Ginette Fauvelle, National Archives of Canada
Annex B: Web Administrator's Checklist
Annex C: Glossary
Annex D: References and Authorities
This document provides guidelines for implementing the IM Forum's Approach to Managing Internet and Intranet Information for Long-term Access and Accountability. They are designed to ensure that appropriate levels of management control are put in place to protect government records as evidence of the government's business activities; to reduce the levels of risk associated with managing information within networked facilities; and to provide ongoing access to information for as long as it continues to retain its value.
The implementation guidelines are strongly rooted in the notion of accountability. They suggest that government institutions that use the Web for business operations are creating records as a result of these activities, and that they need to be aware of their obligation to manage this information.
The implementation guide provides a number of suggested tools and best practices to help departments fulfill these requirements. These include the following:
Management framework. Such a framework helps a department integrate its Web posting and management functions within its overall record-keeping and publication management functions by establishing corporate policies, standards and practices and assigning clearly defined roles and responsibilities.
Risk management model. This model looks at the levels of risk associated with managing information on individual Websites and recommends appropriate record-keeping and publication management responses to mitigate that risk. Risk factors include the adequacy of existing management structures, the extent to which the corporate record-keeping system captures posted records, the degree to which Legal Deposit captures publications and the information's potential to generate adverse reaction. Escalating levels of response range from continuing to maintain close integration with the corporate record-keeping system, to maintaining snapshots and developing ancillary "local site repositories."
Publications requirements and Legal Deposit. In keeping with the National Library of Canada Act, this guide provides a process for ensuring that all government publications posted to a departmental Website are identified for Legal Deposit. As well, the guide introduces the concept of the departmental e-library as a way of providing long-term access to information that remains valuable long after it is removed from an active Website.
Retention and disposition of records. All records posted to a Website are subject to the requirements of the National Archives of Canada Act (1987) and Records Disposition Authorities (RDAs) signed by the National Archivist. Institutions must adhere to archival decisions as reflected in RDAs (including the new Multi-Institutional Disposition Authorities, or MIDAs). However, institutions, not the National Archives, are responsible for determining retention periods for records they manage in the conduct of government business. In keeping with the risk management model, this guide provides a variety of implementation practices. These range from disposing of posted Web documents that duplicate information already captured in a record-keeping system and therefore residing on the Web under low-risk conditions, to maintaining and disposing of original Web-based corporate records within a "local site repository" under high-risk conditions.
Local site repository. The guide introduces a relatively new concept - the "local site repository"- as an interim measure for retaining and disposing of Web based records under high-risk conditions. Using client-server technology, the repository replicates all records at the time they are posted to an active Website and allows institutions to manage that information using metadata.
Metadata. This guide recommends that institutions use metadata to describe information content and context and to manage records and publications throughout their lifecycle. Since numerous initiatives are already underway in this area -- including the IM Forum Description Working Group, the Treasury Board of Canada, Secretariat Government Information Locator System (GILS) Working Group, and the Treasury Board of Canada, Secretariat Records and Document Information Management System (RDIMS) -- and since library cataloguing practices are well established, the guidelines do not attempt to provide additional metadata standards for the Web. Rather, they speak to the functional requirements that emerge from the guidelines.
While the guidelines urge individual departments to manage Web-based records as an integral part of their overall record-keeping environment, they also recognize that not all government departments have developed the same record-keeping capability. Accordingly, the guidelines suggest that those departments that lack the requisite record-keeping infrastructure implement more rigorous and costly management processes for their Websites in the short run, given the high levels of risk associated with information loss, misinterpretation and misuse. In the long run, better record-keeping practices will reduce these costs while improving the quality of information.
The following guidelines address the need to manage information made available through the Government of Canada networked facilities. They are designed to ensure that appropriate levels of management control are put in place to protect government records as evidence of the government's business activities; to reduce the levels of risk associated with managing information within networked facilities; and to provide ongoing access to information for as long as it continues to retain its value. For the purpose of these guidelines, government networked facilities include the Internet, intranets and extranets, serving both Government of Canada employees and the public.
The increased use of electronic networks -- including wide area networks, the Internet, intranets and extranets -- has fundamentally changed the way we exchange, use and manage information. Our focus is no longer solely on managing physical objects but rather on managing multiple instances of documents, each of which may satisfy a different purpose. As the environment has changed so too has our ability to maintain the necessary levels of quality, integrity and accountability associated with documents. As well, the lines that once clearly separated the disciplines of record keeping and library science, as well as published material and recorded evidence, may no longer serve the best interests of our clients. More than ever, we need a coordinated approach that combines the strengths of multiple disciplines.
The guidelines that follow apply to all federal government institutions and address the management of both records and published material on networked facilities, whether for public consumption or for departmental use.
The guidelines in this document are based on the following information management principles.
Institutions should manage information to support effective decision making, public accountability, cost-effective delivery of programs and services, and public access. (1)
All organizations must manage records. Records show how we act; how we deal with our clients, customers, other agencies or bodies in the private sector; and how they deal with us. They are the principal means of demonstrating how we have fulfilled our obligations and, in turn, they hold us accountable for our actions.
Managing electronic information is a significant part of the business operations of the Government of Canada. No single medium currently contains all the information relating to an organization's business activities. Therefore, all sources of information must be managed in a coordinated way, in a manner appropriate to their environment, to preserve and provide appropriate access to records that document the government's business activities.
Government information in all its forms -- including printed materials, voice recordings, electronic data and images -- is a strategic resource and should be effectively managed throughout its lifecycle (2). Accordingly, there is a continuing need:
Government information should be retained only when there is a business need, when there is a legislative or policy requirement, or when it has historical or archival importance.
Specific organizational units should be accountable for managing designated classes of government information to ensure their integrity, quality and relevance and to restrict their accessibility to authorized users.
The guidelines in this document reflect the requirements of the following:
In managing records and published material on networked facilities, institutions should follow the following broad guidelines: (detailed guidelines follow).
The following section describes the context within which records and publications posted to Government of Canada Websites should be managed.
In accordance with the National Archives of Canada Act (1987), "record" includes any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, film, microform, sound recording, videotape, machine-readable record and any other documentary material, regardless of its physical form or characteristics, and any copy thereof.
For the purpose of these guidelines and within the context of the definition of "record" in the National Archives of Canada Act (1987) and the Access to Information Act, a "government record" is recorded information, regardless of its physical form, that a government institution controls and that is collected, created, received or used to initiate, conduct or complete an institutional activity. To meet business and accountability requirements, government records must have sufficient content, context and structure to provide evidence of the activity. (5)
In accordance with the National Library of Canada Act, "published in Canada" means "released in Canada for public distribution or sale, otherwise than by her Majesty in right of a province or municipality." The National Library defines "networked electronic publication" as a "digitally encoded information resource made available to the public through a communication network."(6) The Treasury Board Policy on the Management of Government Information Holdings amplifies these definitions; it states that "published material refers to an information product which has been created and edited for the purpose of distribution or sale. Material published by or for Federal Institutions is deposited in federal library collections." (7) For the purpose of these guidelines, "information products" are documents compiled from available information or data sources that are published for a defined audience and a stated purpose. (8)
A record is considered to be under the control of a government institution when that institution is authorized to grant or deny access to the record, to direct its use and, subject to the approval of the National Archivist, to dispose of it. Records in the possession or custody of an institution, whether at headquarters, regional, satellite or other offices within or outside Canada, are presumed to be under the control of that institution unless there is strong evidence to the contrary (9) .
In managing the quality of recorded information, government departments should ensure that all records and publications under their control are continually assessed with respect to the accuracy, reliability and authenticity of the document content as well as the accuracy, reliability and authenticity of the information about the document -- in other words, the document metadata.
In keeping with the above, all government information, including information distributed on the Web, should be described in a manner that:
Record descriptions must account for the business processes, and associated actions and transactions, that generated the records; the business function or activity supported by the business processes; and the organizational unit accountable for the business processes and the records. (11)
These requirements are good business practice and reduce risks arising from increased liabilities or decreased opportunities that accompany poor record-keeping practices (12).
Government institutions using the Web for business operations need to be aware that they are creating records as a result of these activities. Organizations, therefore, have an obligation to manage this information the same way they manage any other record or document they create in the conduct of government business. They should keep records containing government information in appropriate record-keeping systems so that they can be protected, accessed and conveniently used.
An accountable manager, who authorizes the posting of a document on an electronic network, is deemed to have certified that:
In the absence of appropriate management controls, individuals who disseminate information on departmental Websites may be exposing both themselves and the organization to unwarranted levels of risk. The potential costs of "exposure" may include the loss of operationally critical information, increased administrative costs associated with re-creating existing information, non-compliance with relevant legislation and policy, high legal costs associated with responding to evidential claims, declining levels of client satisfaction and the untimely loss of corporate memory.
The risk management model looks at the levels of risk associated with managing information on individual Websites and recommends appropriate record-keeping and publication management responses for mitigating that risk. Risk factors include:
Escalating levels of response range from continuing to maintain close integration with the corporate records-keeping system, to maintaining snapshots and developing ancillary local site repositories. For modelling purposes, the level of "accountability exposure" or potential risk has been divided into three distinct environments, labelled low, moderate and high. The section entitled, "Accountability Exposure Analysis, and Record-keeping and Publication Management Response," describes these environments and their recommended responses. The model is based on the original work of Dr. J. Timothy Sprehe and Dr. Charles R. McClure (13).
Low Risk of Accountability Exposure:
Record-keeping and Publication Management Response:
Moderate Risk of Accountability Exposure:
Record-keeping and Publication Management Response:
High Risk of Accountability Exposure:
Record-keeping and Publication Management Response:
In assessing the level of risk and determining the appropriate response, each department should perform an accountability exposure analysis for each of its Websites. Depending on the specific nature of the risk, the department may need to invoke one or more of processes described in the section entitled "Accountability Exposure Analysis, and Record-keeping and Publicaction Management Response" to mitigate existing or potential risk. Sample assessments and responses are shown below. (For an implementation overview, see the diagram in Annex A.)
Effectively managing records and publications within a Website environment requires the coordinated efforts of a number of key functional areas. In most government departments, these include the Chief Information Officer (CIO), Web administrators (or Website managers), content managers, communications managers, publications managers, records officers and library professionals. Their areas of responsibility are distinguished as follows:
The Chief Information Officer is normally the designated senior information resource manager in the department who is responsible for overseeing and coordinating the department's information management (IM) activities, including activities related to operating and managing departmental Websites. The senior official for the management of government information holdings (MGIH) is often the closest recognized role.
Content managers are responsible for creating and managing information content. An accountable content manager should be assigned to each document posted on the Web. Content managers ensure that the content of posted documents and their associated metadata is accurate and complete; that the corporate record-keeping system has captured all record material; and that a departmental e-library has captured original and revised versions of all published material and made them accessible. They are most frequently found in the program offices of departments, engaged in carrying out the programs that comprise departmental missions.
Records officers carry out the department's official record-keeping and archival responsibilities. They ensure that the department creates, maintains, transfers, and disposes of records in accordance with applicable legislation and policy.
Departmental librarians facilitate public access to departmental publications by identifying, cataloguing and storing them. Internet publications should be catalogued and, ideally, stored and made accessible through a departmental e-library. In conjunction with the content manager and the National Library of Canada, departmental librarians also identify publications that need to be deposited in the National Library of Canada.
Communications managers manage the flow of information to Websites and provide quality control. They often decide when information will be posted, whether the Website should be limited to current information and when information will be removed from the Website. They may decide whether information is appropriate for the Internet or an intranet.
Web administrators manage the information technology aspects of Websites. In many organizations, Web administrators or their designates operate and maintain Websites, administer the posting rights of content managers and help determine the appropriate format for posted documents, as well as edit, mark up and post the documents. Their role may also include "gate-keeping" to ensure that appropriate metadata are captured and that an accountable content manager has carried out appropriate record-keeping and publication management activities (see Annex B, "Web Administrator's Checklist").
Departments should have a management framework to provide for the oversight of all functions and activities associated with departmental Websites. The departmental CIO should have overall accountability for the framework. Suggested functions should include the following:
Departmental CIOs should ensure that all staff:
Departmental CIOs should ensure that all departmental Websites are assessed with respect to their potential accountability exposure and that there is a certification process to:
The departmental CIO should establish an overall accountability framework for Website management that:
Departmental CIOs should ensure that Website management functions and activities are incorporated within the overall record keeping and publication management functions of the department.
Departmental CIOs should ensure that corporate policies, standards and practices are developed for managing Websites and that clearly defined roles and responsibilities for discharging these are assigned. Specific activities should include the following: