- What is decommissioning?
- Identifying opportunities for decommissioning
- Decommissioning checklist
Many NSW public offices have accumulated large amounts of data in legacy systems. Many of these systems were not designed with a long term view of the value of the data they generate and contain, which are often key business records and information. Along with high value records and information, many systems contain data that is either trivial, duplicated or no longer required. Detailed reviews across the Victorian and Queensland public sectors demonstrate the potential scale of the problem. It is likely that there are similarities to these other environments in the NSW public sector.
The Standard on Records Management provides a framework of requirements for managing NSW public offices’ records and information. When conducting a decommissioning project, public offices can demonstrate compliance with these requirements by:
- assessing, and implementing where required, records and information management requirements in system acquisition, system maintenance and decommissioning
- taking into account retention and disposal requirements for records and information contained in a system which is to be decommissioned.
The purpose of this guidance is to draw together advice and procedures to allow public offices to identify legacy systems, and identify and overcome the barriers to dealing with the data in those systems through migration and decommissioning as a routine component of its information management and technology program.
Decommissioning is a process by which a business application (or system) is removed from use in an organisation. Decommissioning requires analysis of the data in the system, identifying the data, metadata and system documentation that must be brought forward and retained, and an accountable process for deletion of residual data in the system.
A useful definition is that a system should be decommissioned when either: the system is replaced by a new target system covering the same functionality, or the system is obsolete because it no longer supports the business process.
There are a range of business drivers for decommissioning, including:
- transitions to new generation systems
- project completion or termination
- structural reorganisation
- transfer of functions due to regulatory and organisational changes
- disposal of physical assets.
Legacy systems are often repositories of records and information with significant business value. However, because they often rely on niche expertise and technologies for ongoing maintenance, they pose significant costs and risks. All business systems will eventually become legacy systems due to rapidly changing technology and business environments. Ideally, decommissioning planning will form a part of system design and implementation. Structured decommissioning methodologies have been developed by other government jurisdictions in Australia and internationally.
In NSW, many public offices have accumulated data in systems which have been superseded for business, technical or regulatory reasons. Organisations that have identified these systems require a process to accountably manage the decommissioning of data in the system.
Opportunities to decommission systems, and the drivers to justify doing so, vary significantly based on organisational, informational and technical factors. Specific costs and resourcing risks can be quantified by making an assessment across an organisation’s digital environment.
The factors for consideration include technology obsolescence risks, security risks, licensing costs, system documentation deficits and critical staffing risks, and can be identified to provide the rationale for the decommissioning process.
The following are common scenarios in which decommissioning projects will occur.
The ideal scenario for decommissioning is that it is considered and planned for as part of the standard project methodology for the development of new systems, and the necessary analysis and business engagement occurs.
New system implementation projects commonly involve consolidating and rationalising multiple legacy systems with diverse business owners. Decommissioning planning can be complex and should occur alongside other project activities rather than as an afterthought.
Application rationalisation projects
Organisations may undertake comprehensive surveys of business units to determine those applications which are no longer supporting core business processes due to implementation of new systems. Assessing the entire organisation’s application portfolio identifies the scale of problems (and opportunities) which may only have been measured at an individual business unit level. While inaction on legacy systems may have been acceptable when considered individually, in aggregate the value of or need to address the issue is much clearer.
Infrastructure rationalisation projects
Organisations have undertaken a comprehensive infrastructure usage analysis as part of the government Data Centre Reform program. This process can also help to understand the cost of over-retention of legacy data in business applications. In particular, certain types of systems may require infrastructure which is expensive and onerous to maintain.
Understanding the infrastructure costs associated with an organisation’s portfolio of applications has provided some organisations with the ability to immediately identify cost savings, such as over-allocation of high-performance storage for low priority data and excessive time periods for retention of backups. This has given some organisations concrete cost saving estimates to justify improvements.
The following specific considerations are essential when planning decommissioning. The considerations are linked to relevant requirements of the State Records Act 1998 and the Standard on Records Management, and also refer to State Records NSW processes and guidance.
Protection of State records
Records and information must be protected from unauthorised or unlawful destruction, loss, deletion or alteration (Part 2 and Part 3 of the State Records Act 1998). Protecting records and information is a core responsibility of an organisation during a decommissioning project, and will often require migration of records/information to the new system. However, decommissioning also provides a natural opportunity to dispose of records which are no longer required.
☐ Have system records/information been mapped to an authorised retention and disposal authority?
Organisation-specific (functional) and general retention and disposal authorities are issued by State Records NSW and published on our website .These provide the retention rules for specific categories of business records/ information. If no authorised retention and disposal authority exists for these records/information, the procedures for developing a retention and disposal authority are available.
☐ Does the system contain records/information scheduled for long term retention or retention as State archives?
If business use has ceased for archival-value records/information, the organisation should consider starting a digital archives transfer project. State Records NSW has produced a Digital Archives Migration methodology as well as project documentation templates to assist with this process.
☐ Are there records/information in the system not covered by an authorised retention and disposal authority?
If records are not covered by a retention and disposal authority, see procedures for disposal authorisation for advice on how to develop an authority.
For further advice, Government Recordkeeping staff can be contacted at email@example.com.
☐ Has metadata and system documentation necessary to support the integrity of the records been identified?
The general retention and disposal authority for administrative records (GA28) includes retention and disposal rules for management of technology and telecommunications records, including specific retention rules on records generated in the course of application development and management, security management , and other common technology management processes. These provide rules for specific categories of system documentation and metadata.
State Records NSW has published minimum requirements for metadata for authoritative records and information. Migration of metadata is also covered in the guidance on the management of source records which have been migrated.
Meeting business requirements and other obligations relating to retention of data
While an organisation may have met its legislative obligations for the retention of data, there may be other important reasons to migrate and retain records from a legacy system before decommissioning. This could occur either through migration to the target system, or management in another repository.
☐ Have information architectures been reviewed to ensure all dependencies on the data in this system have been resolved?
Example: An Identity and Access Management Directory may contain data which is needed to verify action / approval metadata in a system workflow.
☐ Are the records/information in this system duplicated across multiple systems or data repositories?
Example: In complex digital environments, information may be duplicated across several systems, particularly where the functions of backup and “archive” (retention of semi-active records on more efficient infrastructure) are not clearly defined. There may be an opportunity to analyse, document and consolidate these data repositories as part of decommissioning. However in themselves backup systems are not a long-term information management strategy.
☐ Does the system contain information which is personally valuable to individuals?
Example: While high-value personal records, such as individuals’ case management records are specifically identified by public offices’ individual functional authorities, these records may also be dependent on data in other linked system in order to be complete.
☐ Does the system function as a source of authority for a high value dataset?
Example: Does another business unit or public sector entity rely on the data in the system, despite business value having ceased for your public office. For more information, read about the Information Asset Register.
☐ Does the system contain valuable information about businesses and individual clients’ interactions with governments?
Example: Were clients given an undertaking, or do they or the community at large have a reasonable expectation that data in the system about interactions with government will be maintained on an ongoing basis?
☐ Does the system contain records/information which otherwise have a high public or commercial value?
Example: Emerging or unexpected uses may make it relevant to retain information for longer and/or make it available to the public. See NSW Open Data Policy for more information.
Migrating digital records required for further retention
The Standard on Records Management requires that Records and information are sustained through system and service transitions by strategies and processes specifically designed to support business and accountability. This means that organisations should document their migration strategies, and that migrating records and metadata from one system to another is a managed process which results in trustworthy and accessible records.
Although migration is very system-specific, the Digital Archives Migration methodology is a structured methodology developed to support the process of migrating records required to be kept as digital state archives. The methodology is also able to be applied to other digital records migration project by adapting or omitting the digital archives-specific processes in the methodology.
The general retention and disposal authority for source records which have been migrated (GA48) provides for the authorised disposal of State records that have been used as the input or source records for successful migrations. GA48 establishes a number of conditions which must be satisfied before source records can be destroyed.
Further information about meeting the conditions established by GA48, and documenting and preserving the essential characteristics of digital records through migration, is available in our advice on migrating records.
Managing residual data not identified for migration
It can be common for systems where key data has already been migrated to remain in an operational state. There are risks to this approach and the following risk factors emphasise the need for decommissioning to occur following the completion of the migration project.
☐ Does the system contain data which poses significant privacy risks?
☐ Does the system contain data which poses significant commercial risks?
☐ Does the system contain data which poses other significant organisational risks?
A government organisation continued to maintain a web-facing application containing client contact information, despite records retention rules and business use having been met. These systems, if unmaintained, are vulnerable to being breached by hackers, necessitating the organisation telling clients their contact information and interactions had been compromised despite their being no valid reason for its ongoing retention.
Victorian Auditor-General’s Report, Financial Systems Controls Report: Information Technology 2014–15, October 2015, www.audit.vic.gov.au/publications/20151007-Financial-Systems-IT/20151007-Financial-Systems-IT.pdf (viewed November 2015)
Queensland Government Chief Information Office, Queensland Government ICT Audit, October 2012, www.parliament.qld.gov.au/documents/tableOffice/TabledPapers/2013/5413T2865.pdf (viewed November 2015)
IBM, Application Decommissioning: How to help our clients to reduce cost and complexity, March 2013 (viewed November 2015)
Queensland State Archives' resources and guidelines to assist in managing recordkeeping obligations associated with the decommissioning of business systems (viewed May 2016)
Californian Government Office of Systems Integration Best Practices resources on system decommission (viewed May 2016)
Published November 2015 / Revised April 2018