1. The purpose of our policy
This policy sets out Adelaide University’s requirements for creating, managing, retaining and disposing of information assets in compliance with legislative and regulatory obligations (including the State Records Act 1997 (SA) and Australian Code for the Responsible Conduct of Research 2018 (Australian Research Council)). It affirms the University’s commitment to transparency, accountability, and the responsible stewardship of institutional records and information.
Transferred records from the University of Adelaide and the University of South Australia (foundation universities) are maintained in accordance with this policy and relevant legislation to preserve their integrity, ensure their discoverability, and support ongoing access for governance, research, and public accountability purposes. These records are treated as vital institutional assets and are subject to retention and disposal schedules as determined by the State Records Act 1997 (SA).
Adelaide University information assets are the property of Adelaide University and not of the personnel who create them.
Please read this policy in conjunction with:
- [Data Management Procedure]
- Information Breach Procedure
- Records Management Procedure
- Controlled Environment Devices and Storage Policy.
2. Who our policy applies to
This policy applies to all members of the Adelaide University community.
It covers all stages of the information lifecycle, including the creation, management, retention, and disposal of information, data, and records.
Research data created in the course of any research activity hosted by Adelaide University is also considered an information asset and is subject to this policy. Related responsibilities, including ownership and third-party agreements, are further addressed in the [Research Data and Primary Materials Procedure].
This Policy also applies to the management of Information Assets of University Controlled Entities.
3. Our information governance principles
Our principles for this policy are:
3.1 Adelaide University proactively manages its information as business-critical and strategic assets
Information is regarded as a vital asset of Adelaide University: its value, both current and future, is determined, understood, governed and leveraged to document and support business decisions and outcomes and meet statutory obligations.
Adelaide University information assets will be managed throughout the information lifecycle in accordance with the [Data Management Procedure] and the Records Management Procedure.
Information assets will be maintained and must not be destroyed without proper authorisation in accordance with the Records Management Procedure.
Information assets of permanent, enduring or archival value (administrative, legal, financial or informational) will be maintained by University Archives in accordance with [Data Management Procedure], Records Management Procedure and [Special Collections and Archives Procedure].
3.2 Adelaide University manages its information assets to meet compliance and accountability obligations and mitigate risk
Adelaide University determines and documents what information assets need to be created and kept in accordance with compliance requirements and a risk management approach to support business objectives and satisfy the State Records Act 1997 (SA) requirements.
3.3 Information assets are used to inform and record strategic business decisions and outcomes.
Information assets are captured and stored effectively so that they are accurate, complete, reliable, re-usable and irrefutable for business, evidentiary, research, compliance and reporting purposes.
Information assets and related data must be captured in Adelaide University-approved and supported storage per Records Management Procedure.
Once created and captured, Adelaide University information assets must not be altered and can only be destroyed in accordance with the relevant Disposal Schedules and the State Records Act 1997 (SA).
To ensure lawful and consistent management of Adelaide University Information Assets, the University will apply General Disposal Schedule No.30 (State Records SA) and implement General Disposal Schedule No.21 (State Records SA) to support compliant records digitisation.
3.4 Adelaide University maintains a robust information security environment
Information assets and data must be clearly identified and classified by the [Information Steward] as detailed in the [Data Management Procedure] following the Information Governance Guideline V1 (State Records SA).
Based on the classification, Adelaide University will apply consistent security controls at a level dependent on the risk profile.
3.5 Adelaide University is committed to the responsible collection, retention and handling of confidential, personal and sensitive Information.
Information assets are managed and held within a secure environment that makes them easy to find as well as appropriately accessible and shared (subject to access, ethics, privacy, confidentiality and contractual requirements).
The collection, use, disclosure, management, and access to personal information (including sensitive personal information) and data must comply with the Privacy Act 1988 (Cth), the Privacy Policy, and the [Privacy Management Procedure].
4. Definitions used in our policy
This policy document has been adopted from the University of Adelaide and adapted to meet Adelaide University requirements. All definitions have been reviewed and aligned with the Adelaide University glossary to ensure consistency and accuracy. Where terms differ from common usage or legacy terminology, the definitions in the Adelaide University glossary prevail.
Adelaide University community refers to a broad range of stakeholders who engage with Adelaide University and includes (but is not limited to) all students, staff, and non-staff members of Adelaide University including alumni, honorary title holders, adjuncts, visiting academics, guest lecturers, volunteers, suppliers and partners who are engaging with and contributing to the work of Adelaide University.
Data means information in any format, that Adelaide University collects, creates, receives, maintains or uses for teaching, research, administration or compliance, and that underpins analysis, decision-making or reporting.
Disposal means the secure and authorised destruction, deletion, or transfer of data that is no longer required to be retained, in accordance with the State Records Act 1997 (SA), Adelaide University records disposal schedules, and approved destruction methods.
Disposal schedule means Record Disposal Schedule approved by State Records that sets the minimum retention periods and authorised disposal actions for information assets under the State Records Act 1997 (SA). Methods include secure destruction or transfer to archives.
Information asset means information, in any format or system and wherever located, that Adelaide University manages as a resource for decision-making, teaching, research, operations or compliance throughout its lifecycle. Examples include documents and records, publications, web content, emails and messages, spreadsheets, images and photographs, datasets and databases, drawings and plants, and audio or video recordings.
Information governance means the strategic system that helps an organization manage its information assets including data, records, and documents throughout their entire lifecycle to support business objectives and comply with legal and regulatory requirements.
Information lifecycle means the end-to-end management of information throughout its lifecycle: planning and design; creation or receipt; storage and sharing; maintenance and administration; use to meet business needs; and disposal (including destruction or transfer to archives for ongoing retention).
Information steward means the person responsible, on a day-to-day basis, for the quality, classification, integrity and ethical use of information within one or more related groups of information (information sub-domains) under an information domain (for example: enrolment, general ledger, talent acquisition or research projects.
Record means information created, received or kept by Adelaide University in the conduct of its activities (including teaching, research and administration) and retained as evidence of those activities, regardless of format, medium or location, as defined in the State Records Act 1997 (SA).
Research data means information or materials, in any format, collected, generated, or created in the course of research conducted by Adelaide University staff, students or affiliates under Adelaide University auspices, that underpin analysis, interpretation or verification of research findings, including primary materials, datasets, software and code, models, and associated documentation and metadata.
5. How our policy is governed
This policy is categorised, approved and owned in line with the governance structure of Adelaide University and the offices and officers listed below.
| Policy category | Corporate |
|---|---|
| Policy owner | Deputy Vice Chancellor – Corporate |
| Procedure category | Corporate |
| Approving authority | Co-Vice Chancellors/Vice Chancellor and President |
| Responsible officer | Chief Data and Analytics Officer |
| Effective from | 19 December 2025 |
| Review date | 6 months after date this version is approved |
| Enquiries | Interim Central Policy Unit/[Central Policy Unit] staff.policy.enquiries@adelaideuni.edu.au |
| Replaced documents | None |
6. Legislation and other documents related to our policy
7. History of changes
| Date approved | To section/clauses | Description of change |
|---|---|---|
| 22 December 2025 | N/A | New policy |
At the time of writing, Adelaide University’s organisational structure, position titles, and committee names have not been confirmed. Square brackets [ ] indicate placeholders for these details. Brackets are also used to identify policy elements that are subject to further decision-making or confirmation. These will be updated once final decisions are made.