COLLECTION AND MANAGEMENT OF KNOWLEDGE ASSETS

 RRA ensures that stakeholders are aware of the Knowledge Assets being recorded, the
purpose of recording the Knowledge Assets and for what purpose.
 Knowledge Assets may only be collected, collated, created, acquired, and held for the
purposes of RRA activities, projects, or programs.
 Knowledge Assets collected and provided that relate to a particular stakeholder are
recorded in the relevant Knowledge Management system in accordance with the
relevant governing policies and regulations.
 Subject to specific exceptions, consent from individuals for the use of their Knowledge
Assets (including video or voice recording) is to be obtained if identified records are to
be held indefinitely on RRA records and archives.
 Data extracts for reports or for other requirements can only be developed by authorised
RRA staff – this is to stop direct access to backend databases by staff who are not
familiar with the relevant data models;
 Knowledge Assets cannot be passed to anyone outside of RRA without being
authorised first unless specific consent has been given for disclosure of identifiable
Knowledge Assets ;
 Data/Knowledge Assets cannot be deleted directly from the underlying records; the KM
Team leader will be responsible for signoff where duplicate or inaccurate assets need to
be amended or deleted;
 Knowledge assets can only be accessed with authority from the KM Team leader
including the access levels to both data/Knowledge Assets and
functionality/use/purpose.

ACCESSIBILITY, SECURITY, AND STORAGE OF KNOWLEDGE ASSETS

 Knowledge Assets will be stored on technology platforms to increase Knowledge

Assets accessibility and minimise unnecessary use of paper.
 Where paper files need to be kept (for example, original documents with signatures)
the same Knowledge Assets management responsibilities apply to those files.
 Confidential documents and records are protected, with access available to authorised
staff only.
 Retention of Knowledge Assets with long-term or historical value may be required for
reference purposes.
 RRA shall take all legally required and commercially reasonable measures,
proportional to the associated risk, to protect data from loss, misuse, unauthorised
access or disclosure, alteration, and destruction in line with the relevant policies and
regulations.
 Knowledge Assets and data destruction will occur in accordance with legal
obligations.
 Wherever possible, RRA follows the regulatory Information Security Standards.