Set up evidence and document capture and storage processes
Capture documents and other evidence for requests, claims and activities to detect, analyse, investigate and disrupt fraudulent activity. This control is supported by the National Archives of Australia’s Information Management Standards and the Protective Security Policy Framework.
Why this countermeasure matters
The prosecution must prove every element of an offence beyond reasonable doubt to convict someone. Poor or no capture and storage of documents and evidence may lead to:
- difficultly in detecting, analysing, investigating and disrupting fraudulent activity
- briefs of evidence being rejected by the Commonwealth Director of Public Prosecutions.
How to put this countermeasure in place
Some ways to implement this countermeasure include setting up evidence and document capture and storage processes like:
- storing all claim forms on a system
- scanning and uploading all evidence for a claim into a system
- documenting decisions on a system before processing the activity
- keeping all procurement decisions and documentation on file.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this countermeasure by using the following methods:
- Confirm the capture and storage of documents and evidence is in compliance with the National Archives of Australia’s Information Management Standards. In particular:
- Principle 4: Business information is suitably stored and preserved.
- Principle 7: Business information is saved in systems where it can be appropriately managed.
- Principle 8: Business information is available for use and reuse.
- Confirm the capture and storage of documents and evidence is in compliance with the Australian Government Investigations Standards and other national guidelines or frameworks.
- Consult with investigators about what evidence is required.
- Confirm that enough evidence is captured to support an investigation.
- Check the method of storage is automatic and reliable.
- Check staff instructions are clearly documented and followed if processes are manual.
- Confirm that documents are stored securely – test this if required.
- Confirm that evidence is available to investigators.
- Review who has access to documents.
- Check if documents can be altered and if the original is retained.
- Confirm that audit logging applies to all access/updates to documentation.
- Confirm that documents are retained as per the relevant Records Authority.
- Confirm that you can access evidence held by another party if using coercive powers.
This type of countermeasure is supported by: