Report 17: 2018-19

Records Management in Local Government

Important records are not properly managed

EMRC, Mosman Park and Toodyay had records that were missing or not available on request. All 4 LGs reviewed had important records stored outside their approved records management systems.

Some records were missing or difficult to find

We sampled a small number of important records at each LG. Records that were missing or difficult to find at 3 out of the 4 LGs included:

  • contract documents
  • human resource records such as required police clearances, reference checks, job position descriptions and staff qualifications
  • property planning approvals including assessment sheets and copies of certificates of title
  • complaint correspondence.

For example, at Toodyay we were unable to find reference checks for 5 of the 6 human resource files we reviewed, including for a senior management position. We have previously recommended state government entities keep sufficient evidence to demonstrate that an employee’s identity, professional qualifications, and right to work in Australia were checked before employment[1]. The same would apply to LGs.

We were also unable to find within a reasonable time, 2 out of 5 property planning assessment sheets at Mosman Park and a signed acceptance and agreement document for an important contract at EMRC.

Missing or difficult to find records indicate failings in the way records are managed. Timely access to records supports good decision making and efficient and effective use of limited staff resources.

Records were often stored outside records management systems

We found all 4 LGs stored some finalised records outside of their approved records management systems. Specifically:

  • All LGs stored records on network drives that were not captured by or linked to the approved records management system. One of the LGs had a large number of records stored in this way and another had some sensitive human resource records stored without appropriate access security.
  • Canning kept records on business systems that were not identified in its RKP. None of these systems had sufficient records management functionality so they were linked into the record management system. However improper links caused dumping of thousands of records into the records management system without retaining or setting meta-data to allow easy searching, retrieval, retention and disposal.

Business systems can be, and often are, used as records management systems. But they must either have records management functionality or final records must be captured in a records management system to allow records to be efficiently and effectively managed. Records management systems typically allow users to:

  • create and capture records
  • apply meta-data to allow for easy retrieval such as standardised classification and thesaurus, title, author, creation date and custodian
  • apply timeframes and triggers for retention, disposal and archiving
  • apply appropriate security and access controls for records.

Storing records outside approved systems increases the risk they will be lost, altered, or destroyed. It can also make records processing for retention, disposal or archiving far more difficult and time consuming.

[1] Office of the Auditor General, 2015, Verifying Employee Identity and Credentials, p.11.

Back to Top