Consultation on the draft ‘Information Management requirements for SAAS’

What is the purpose of the document?

To improve the outcomes of SAAS deployments by ensuring that the long term management of information requirements are considered when procuring SAAS products.

We identified that many current SAAS requirement checklists did not consider information management issues such as information integrity, access, privacy, security, and handling of the information at end of contract. These issues increase the risk of poor outcomes for government: failures in future service delivery; financial loss and waste; governance, and accountability.

The document is not a standalone SAAS checklist, and does not cover generic SAAS requirements.

What does the document do?

Australian governments, both State and Federal, have legislative requirements on the handling of information, irrespective of where it is stored. These requirements apply to information stored in SAAS products.

The document illustrates how these legislative requirements can be applied using five checklists outlining issues to be considered when evaluating SAAS products.

What impact will this have on the public sector?

It will improve the ability of government agencies to efficiently and effectively carry out their responsibilities by ensuring that information is managed in accordance with legislative requirements. It will reduce the risk of poor outcomes for government in SAAS deployment by reducing the risk of failures in future service delivery; financial loss and waste; governance and accountability.

What do we want you to do?

Please review the document and let us know what you think. You do not need to review the entire document.

We are particularly interested in the following questions:

  • Are there any information requirements that are missing from the document? Please note that this document is not a standard alone SAAS checklist and it does not cover generic SAAS requirements that are covered by other checklists.
  • Are any of the requirements, in your view, unnecessary?
  • Are any of the requirements unclear?

If you know anyone who may be interested in commenting on the document, please bring it to their attention.

Who prepared the document?

The document was prepared by the Australasian Digital Recordkeeping Initiative (ADRI). The members of ADRI are the State and Federal archives of Australia and New Zealand ADRI is a key work program of the Council of Australasian Archives and Records Authorities (CAARA).

How do you comment on the document?

Please add your comments to the attached comment form, and send them to

What is the deadline for comments?

The deadline for comments is Wednesday, 18 December 2019