DIVISION OF INFORMATION TECHNOLOGY

ENTERPRISE ARCHITECTURE

CSU Information Assets

Identification Guide
Version 1.0 - January 2015

Page | 1 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

Document Control
Version Author Issue Date Revisions
1.0 Colleen 01/12/2014 First version.
Middleton

Acknowledgements
This Document was based on the Queensland Government ICT Planning Methodology which is part
of the Queensland Government Enterprise Architecture (QGEA) 2.0 developed and updated by the
ICT Policy & Coordination Office and Queensland Government Chief Information Office (QGCIO).

Contents
1. Purpose of this Document .............................................................................................................. 3
2. Reference Materials ........................................................................................................................ 3
3. Information Asset Definition........................................................................................................... 3
4. Information Asset vs Data Asset ..................................................................................................... 3
5. Information Asset Identification ..................................................................................................... 4
6. Special Considerations .................................................................................................................... 4
6.1 Electronic Document and Records Management System (eDRMS) ....................................... 4
6.2 Web Content Management Systems (WCMS) ........................................................................ 4
6.2.1 Static web content .......................................................................................................... 4
6.2.2 Dynamic web content ..................................................................................................... 4
7. Classification of an Information Asset ............................................................................................ 5
8. Registration of an Information Asset .............................................................................................. 6
9. Appendix A - Information Asset Identification Assessment ........................................................... 7
10. Appendix B – Relationship between Information and Data Assets .............................................. 10

Page | 2 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

1. Purpose of this Document

A guideline for identifying CSU information assets for the purpose of supporting business ICT
planning, initiative proposals, projects and existing information systems in the effective capture, use,
protection, governance and overall management of this type of organisational asset.

2. Reference Materials
The following reference materials may be useful in providing additional context to the content of
this document:

CSU Information & Data Standards

3. Information Asset Definition

A CSU information asset is defined as:

“An identifiable collection of data stored in any manner and recognised as having value for
the purpose of enabling an agency to perform its business functions, thereby satisfying a
recognised agency requirement.”

Information assets are generally first identified during the analysis step within the ICT Planning
activities (including Strategic Sub Plans and ISIP submissions).

DIT Technology Project teams are responsible for the management and delivery of ICT-related
enterprise projects. Where information is within scope, the identification of information assets will
be necessary, typically in the analysis and design phases.

4. Information Asset vs Data Asset

As referenced from the CSU Information & Data Standards:

“An information asset is an identified collection of data which may include data that is also
independently recognised as a data asset. For example the information asset General Ledger
includes recognized data assets such as Ledger Fund Code, Ledger Organisation Code.”

Another view of the comparison between an Information and Data Asset is available in Appendix B.

Page | 3 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

5. Information Asset Identification

With reference to CSU’s definition of an information asset (3), the following list is a guide to
identifying individual information assets.
 An information asset is a logical concept.
 An information asset should be named using nouns.
Asset name = Subject noun (typically singular) + Format noun (inherently a collection, group
or plural)
 An information asset is named independently of any system or application.
 An information asset should be named using common business terminology of the agency.
 An information asset has value if it is actively used by a business or decision making process
or exhibits a lifecycle.
 An information asset is defined at a level of detail that allows its constituent parts to be
managed usefully as a single unit.
 Reference information sources are not considered to be an information asset of the agency.
 An information asset that is exchanged, received or commissioned externally should be
identified as an information asset of both CSU and the external organisation.
 Information present in two different content types results in two information assets.
 An information asset should represent a collection of information.
 An information asset should be recorded if the status of the information set remains
unclear.

Refer to Appendix A for an assessment checklist to assist the identification of an information asset.

6. Special Considerations

6.1 Electronic Document and Records Management System (eDRMS)

For the purpose of ICT Planning and ICT Baseline methodologies an eDRMS is considered to contain
information about the tracking of files and documents. The contents of any documents / files it holds
are to be dealt with as separate assets. Recommendation is to identify eDRMS as containing
information assets such as “Business Records Repository” or “File and Records Inventory” (or similar
name as per business area terminology).

This approach is also recommended for other similar pure catalogue, tracking or inventory systems
such as library cataloguing.

6.2 Web Content Management Systems (WCMS)

6.2.1 Static web content

It is recommended that static web site content is decomposed into information assets that match
the site (navigation) structure (or division of information within the WCMS).

6.2.2 Dynamic web content

Where a web site contains a dynamic application or is the gateway for an application then the
dynamic component or application may generate its own set of information assets.

Page | 4 v1.0

7. Classification of an Information Asset
To inform and guide the effective use, protection, governance and overall management of an information asset, a number of classification schemes are
referenced to enable a consistent approach to describing an information asset.
Classification Scheme
Information Portfolio Framework
Security Classification
Master Data Asset
Personal Information
Policing Staff/Student Information
Custodian
Content Type
Other CSU Classification Scheme
Industry Specific Classification
Scheme
Page | 5
Description
Provides an organisational information
framework (blueprint) to enable the mapping of
CSU’s information assets against the framework.
A set of security classifications that address
business & legislative requirements for the
protection of information assets.
Data that is shared across the organisation to
support operational and strategic activities.
A legislative classification of what is personal and
sensitive information, as per the NSW Privacy
Act.
An internal CSU classification based on a policing
student identification rule as specified by Division
of Student Administration.
A classification based on which CSU
Organisational Unit ‘owns’ the information asset.
Describes the different content types an
information asset may be stored and managed to
optimise use.
A CSU defined scheme, such as business
intelligence subject area domains or enterprise
data domains.
Industry or sector classification schemes that is
applicable to the management of CSU
information assets.
DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE
Purpose Mandatory
To provide visibility of information assets to support proactive, M
effective, consistent:
Planning, development, reporting & use of assets.
Inform decisions on appropriate protection & handling controls M
to be put in place.
Identifies an information asset that is also in part or wholly a M
data asset that is an authoritative source of truth.
A classification to support the organisation identify information M
that it holds that must be managed in compliance to NSW
Privacy Act.
To support CSU’s policing contractual agreement, in particular M
on security, sensitivity and privacy issues.
To support governance and management of asset for both M
strategic and operational considerations.
Understanding content type provides a basis for information M
planning, management & use.
To assist understanding context and scope of information -
within a particular business perspective.
To inform management of assets as appropriate to -
specialisation, characteristics of the classification scheme.
v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

8. Registration of an Information Asset

As a result of identifying an information asset to enable support and leverage the value of CSU’s
information asset collection, the relevant change activity stakeholder/s or Custodian are requested
to ensure the information asset is registered within CSU’s ICT Asset Register.

Registration of an information asset provides organisational visibility of the asset to enable the
University to further support and leverage the asset by optimising availability and contribution to
the broader organisational information collection.

To register assets on the CSU information registers, contact the Enterprise Architect (Information).

Page | 6 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

9. Appendix A - Information Asset Identification Assessment

Below is a checklist for use in the identification of CSU information assets for use within planning,
during analysis and as a quality assurance mechanism prior to registration of an information asset.

Step 1: Discovery of information assets

Answer all the questions below to determine whether the information you have identified is an
information asset or merely an information reference.

Question Response
Proposed Information Asset

Brief Description

Question No Yes
1a Is the information used as input or output of a business process?
1b Is the information used in a decision making process?
1c Is the information used to evaluate a rule or condition?
1d Is the information subject to a typical information lifecycle (plan, create,
store, access, use, maintain, archive, dispose).
1e Is the information received from an external agency or source and
exchanged on a regular basis?

If the answer to any one of the questions in step 1 is ‘Yes’, a potential information asset has been
identified, go to step 2. If the answer is No to all questions 1a-1e you have probably identified an
information reference that need not be reported or registered.

Step 2: Confirm the granularity of the information asset

Answer the questions below to determine whether the information asset is defined at a consistent
level of granularity.
Question Instructions
2a Does the information asset represent a collection of valid No - Go to question 2b.
business information?
Yes - Go to question 2c

2b Is the information part of an existing information asset? No - Identify other information that
comprise the asset, record this in
the asset description. Then go to
question 2c.

Yes - Merge the information assets

and adjust the description. Then
return to Step 1.

2c Does the information asset manifest as a single content No - Separate information asset by
type? i.e. Transactional, Analytical, Authored, Publication content type, then return to
Step 1.

Yes - Move to Step 3.

Page | 7 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

Step 3: Check the name of the information asset

Answer the questions below to determine whether the information asset is named correctly.

Question Instructions
3a Is the information asset named correctly using subject No - Revise the name of the information
noun(s) and format noun? asset to reflect the subject content of the
asset and its primary form. Then
continue.

Yes - Go to question 3b.

3b Is the information asset named using common agency No - Revise the name in consultation with
business terminology? the agency business representatives. Then
move to Step 4.

Yes - Move to step 4.

Step 4: Verify classification of the information asset

Answer all the questions below to determine whether the information asset classification changes
the definition of your information asset

Classification Scheme Mandatory Response Comment

Security Classification M
Personal Information M
Policing Student Information M
Custodian M
(Primary) Master Data Domain O
Information Portfolio M
Framework
Master Data Asset M
Content Type M
Analytics Subject Area O
Other CSU Classification Scheme O
Industry Specific Classification O
Scheme

Page | 8 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

Office Use Only

Step 5: Verify Information Portfolio Framework classification of the information asset

Answer all the questions below to determine whether the information asset classification changes
the definition of your information asset.

Question No Yes
4a Is the information asset mapped to more than one primary domain?
4b Was the information asset’s primary domain difficult to isolate from one or
more of its secondary domains?
4c Were more than three (3) potential secondary domains identified for the
information asset?
4d Is the information asset classified using domains in different information
archetypes within the information portfolio framework?
4e Is the information asset classified by its form rather than its content?

If the answer to any one of the questions in step 4 is Yes, the granularity of the information asset
may be an issue. Confirm that the information asset defined is not too broad or narrow in terms of its
scope. If changes are made to the information asset, return to Step 1.
Otherwise, your have identified and classified your information asset.

Page | 9 v1.0
 DIVISION OF INFORMATION TECHNOLOGY
ENTERPRISE ARCHITECTURE

10. Appendix B – Relationship between Information and Data Assets

Information and Data Assets
Information Asset Data Asset (electronic) Data

Information asset may

Information Asset
Table
Data entity is electronically
be made up of one or Data Attribute captured as a single or a set
more data entities Data Entity combination of digital objects
A data entity will have Structured & unstructured formats
one or more required
attributes
Data entity is
associated with one
or more information
assets

Characteristics of the
Description

Represents a business ‘thing’ that

Data organised for a business purpose & context
discrete business need to be known &/or Electronic capture of a business ‘thing’
that gives it meaning & relevance
‘thing’ managed

Top Down
At a level to match business objective and that  At a level that recognises the different
Granularity

allows its component parts to be managed ‘things’ that combine to deliver on the At a level that identifies the electronic data that
usefully as a single unit: required information asset represents the business ‘thing’
 too broad, will not have enough detail Bottom Up
 too fine, will have thousands of assets  At a level required by business function
Context

Logical context Logical context Physical form

Label

Influenced/restricted by technology solution

Business Terminology Business Terminology
terminology or conventions

Top Down
ICT Asset Register

Identify information assets that is of value to

CSU:  Identify the ‘thing/s’ that make up the
Identify the electronic representation and
Purpose

 Management information asset

Bottom Up authoritative source of ‘thing/s’
 Planning
 Decision-making  Identify authoritative source
 Change management  Identify data assets required by business
functions

Informed by business objective including Expands on rules about ‘things’ that form part of Expands further on rules about ‘things’ to enable
information asset ie. mandatory attributes,
Rules

applicable compliance business rules in digital environment, integrity,

association rules, restricted values, industry quality, protection and technology standards, etc.
standards,etc.

Page | 10 v1.0