Overview of the Organisation
The University of Notre Dame Australia is a private Catholic University located in the City of Fremantle. The university was established in 1989 by an Act of the Parliament of Western Australia and the organisation’s leadership made sure that the existing policies and regulations are consistent with the corresponding standards and norms imposed by the Department of Education and Training (“Introducing Notre Dame,” 2020). At present, the university has more than 12,000 students enrolled in a set of undergraduate and postgraduate programs in a range of disciplines, including but not confined to business, education, sciences, arts, law, health sciences, nursing and medicine, and philosophy.
Overview of the Work Area and Its Information Requirements
All higher educational establishments should comply with a range of policies and standards aimed at ensuring the provision of high-quality educational services to students and improving the country’s educational system (see Appendix A). According to the Higher Education Standards Framework (Threshold Standards) of 2015, higher educational facilities should develop their regulations based on the current legislation (Department of Education and Training, 2015). At that, the purpose of these norms is to facilitate the educational process and serve as the platform for effective management tools and strategies (Department of Education and Training, 2015). In simple terms, the regulations are a form of guidance for educational establishments to help them manage all the operations and processes effectively.
Information management is one of the basic spheres that ensure the proper functioning of any organisation, which is specifically true for educational establishments that aim at contributing to the knowledge base and educating people. Some of the primary areas of concern regulated by these organisations involve the “distribution, sharing and exploitation of information and knowledge” (Kirrane et al., 2018, p. 153). Security and wellbeing of users, as well as privacy concerns, within these domains are seen as critical objectives to be attained (Department of Education and Training, 2015; eSafety Commissioner, n.d.). All the stakeholders are encouraged and required to ensure responsible use of information.
Diverse acts and regulations describe in detail the proper exploitation of data, and some of them define different types of misconduct (eSafety Commissioner, n.d.). The focus is often on general strategies to be utilised, and there is a lack of standard guidance, where all these aspects could be highlighted (Kirrane et al., 2018). Nevertheless, based on the review of the existing requirements, it is possible to note that the stakeholders are to undertake precautions to avoid any data management breach and use the information they access ethically and effectively.
The Purpose of the Analysis
The purpose of this analysis is to review the Information Management Policies at the University of Notre Dame Australia and evaluate their compliance with the existing norms, as well as assess the effectiveness of information security norms. Based on the identified gaps, a set of recommendations will be developed. To achieve the mentioned goals, the review of the regulations developed by the following agencies and institutions was conducted: the Department of Education and Training, Universities Australia, and the University of Notre Dame Australia. In addition, the analysis of the recent literature on policies and regulations with a specific focus on education was implemented. Books and peer-reviewed articles were used to develop the recommendations that can enhance the effectiveness of the policies existing at the educational establishment under consideration.
Summary of the Findings
The current regulations regarding information management at the University of Notre Dame Australia are consistent with the norms and standards imposed and suggested by authorities and reputable associations. The university pays specific attention to users’ security, as well as the security of data that is shared, stored, and distributed within the information system of the educational facility. Nevertheless, the available policies have several gaps linked to the degree of ambiguity and clarity, as well as the absence of specific requirements related to reporting privacy and security issues and the lack of guidance concerning the use of social media (see Appendix B). The policies lack the data regarding representatives of the university or departments responsible for the compliance with policies. In addition, the documents have little data as to potential penalties and sanctions imposed for different types of violations.
Key Recommendation
The key recommendation is to develop a brief policy containing the requirements to report any instances of information mismanagement (see Appendix C). The policy should be concise and clear, with all corresponding notions defined and specific actions described (Landoll, 2017). The description of exact types of misconduct and specific steps responsible users should undertake when witnessing or being involved in a potentially hazardous activity has to be provided. This document will also highlight all the available communication channels for reporting, as well as particular consequences and penalties that can be imposed. Other policies should include references to the new policy, so it is necessary to review the current information management requirements.
Conclusion
The suggested changes will be instrumental in meeting the university’s legal and organisational mandates in several areas. The development of the policy mentioned above will ensure a high degree of clarity regarding the steps stakeholders should undertake in a situation that can potentially violate people’s privacy rights. The university will obtain another effective tool to protect data and promote the culture of the responsible use of information. Such areas as the use of social media, information management literacy, sanctions and penalties, as well as the representatives of the university responsible for the implementation of policies, should be covered. The review of other policies and making them clear and more concise will help the university improve its operations and avoid possible litigations. In addition, the university will raise stakeholders’ awareness of information management and possible types of the breach or other misconduct. These changes can help the facility avoid some litigations that can arise as a result of their students’, employees’ or partners irresponsible data use.
References
Department of Education, Skills, and Employment. (2020). Privacy. Web.
Department of Education and Training. (2015). Higher Education Standards Framework (Threshold Standards) 2015. Web.
eSafety Commissioner. (n.d.). Universities. Web.
Introducing Notre Dame. (2020). The University of Notre Dame Australia. Web.
Kirrane, S., Villata, S., & d’Aquin, M. (2018). Privacy, security and policies: A review of problems and solutions with semantic web technologies. Semantic Web, 9(2), 153-161. Web.
Landoll, D. J. (2017). Information security policies, procedures, and standards: A practitioner’s reference. CRC Press.
Mikolic-Torreira, I., Snyder, D., Price, M., Shlapak, D., Beaghley, S., Bishop, M., Harting, S., Oberholtzer, J., Pettyjohn, S., Weinbaum, C., & Westerman, E. (2017). Exploring cyber security policy options in Australia. Web.
University of Notre Dame Australia. (2020). Policies, procedures and guidelines. Web.