Go to top of page

Governance framework


The National Archives’ corporate governance framework outlines the key authorities, principles and processes required for embedding good governance across the agency. It incorporates the National Archives’ legislative and policy obligations, and acts as a principled guide to achieve agency-wide understanding and implementation of governance.

Governance structure

The National Archives main governance bodies as at 30 June 2021 are the Executive Board and five supporting governance committees. An important objective of the committees is to provide assurance and recommendations to the Executive Board to enable risk-based decision-making consistent with the strategic direction of the National Archives.

In addition to these committees the National Archives COVID-19 Task Force established in 2019–20 continued its operation in 2020–21 to coordinate the organisation’s response to the pandemic.

Executive Board

The Executive Board is the National Archives' principal governance and decision-making body. It provides overall corporate governance and ensures the National Archives’ activities are aligned with its strategic goals.

It comprises the Director-General; Assistant Director-General, Corporate Services; Assistant Director-General, Access and Public Engagement; Assistant Director-General, Collection Management; Assistant Director-General, Information and Technology; and Assistant Director-General, Government Data and Policy.

Audit and Risk Committee

The Audit and Risk Committee provides independent advice to the accountable authority, the Director-General, and assists him to meet his duties and obligations. The Committee provides advice on financial reporting, performance reporting, systems of risk oversight and management and systems of internal control.

Its charter is available online at https://www.naa.gov.au/about-us/our-organisation/accountability-and-reporting/audit-and-risk-committee-charter/audit-and-risk-committee-charter.

The Committee met five times in 2020–21 to:

  • review the financial statements and provide advice to the Director-General, including recommending the statements to be signed by the Director-General
  • review the performance statements and provide advice
  • review the systems and processes for preparing financial reporting information and the inclusion of the financial statements in the annual report
  • review system of risk oversight and management
  • review system of fraud control and internal control
  • review internal and external audit reports and track the implementation of recommendations
  • facilitate communication between the department and the Australian National Audit Office.


Mr Geoff Knuckey was appointed to the Audit and Risk Committee in 2011. Mr Knuckey has extensive experience as an audit committee member or chair in the public and private sectors. In 2009, after a 32-year career with Ernst & Young, Mr Knuckey became a full‑time company director and member of audit committees. Mr Knuckey has a Bachelor in Economics, and is a Fellow of the Institute of Chartered Accountants Australia (FICA), Graduate of the Australian Institute of Company Directors and a registered Company Auditor.

Meetings attended in 2020–21: 5
Total remuneration: $9625


Dr Margaret Wade FCPA has been member of the Audit and Risk Committee since 2015. Dr Wade has served as an independent member of numerous audit committees since 1990. Prior to her retirement in 2005, Dr Wade was a tenured member of staff at the University of Canberra.

Meetings attended in 2020-21: 5
Total Remuneration: $6,000

Dr Wendy Southern is a recently retired senior public servant. Dr Southern has been a member of the Audit and Risk Committee since February 2021. Dr Southern previously held the roles of Deputy Director-General at the Australian Security Intelligence Organisation and Deputy Secretary at both the Department of Health and the Department of Immigration and Border Protection. Dr Southern’s responsibilities ranged across strategic policy, program management, organisational reform and governance and corporate management.

Meetings attended in 2020–21: 2
Total remuneration: $6,000

Project Assurance Committee

The Project Assurance Committee provides assurance to the Executive Board and Director-General about the management of significant or complex projects being undertaken by National Archives by monitoring projects to ensure:

  • adequate project management measures are in place
  • projects remain within approved scope, or that scope change is managed
  • projects remain within approved scope, or that scope change is managed projects are meeting scheduled outcomes, in particular monitoring budget variance and schedule variance against project plans
  • change initiatives address and achieve strategic objectives
  • pre-commencement and emerging risks are identified and mitigated
  • resource or priority conflicts that may adversely affect project performance are identified early, addressed and resolved
  • potentially conflicting resource demands between projects and business-as-usual (BAU) requirements can be managed and coordinated at an organisational level
  • any ongoing requirements for financial and human resources following completion of the project are identified and addressed.

The Committee chair is Mr Clive Lines (external appointment) and the members are Assistant Director-General, Corporate Services; Assistant Director-General, Information and Technology; and an Executive Level 2 representative selected by the Executive Board.

The Project Assurance Committee met four times in 2020–21.

Security Committee

The Security Committee is an advisory body to ensure that National Archives is implementing effective security strategies, programs and measures to protect National Archives on security matters relating to physical, personnel, information and governance.

The Director-General is the chair of the committee and the members are Assistant Director-General, Corporate Services; Assistant Director-General, Information and Technology; Director, Cyber Security; and Director, Property and Security.

The Security Committee met two times in 2020–21.

Workplace Relations Committee

The Workplace Relations Committee is a consultative body to seek input from employees on employment-related matters and the implementation of the enterprise agreement. It supports open communication and consultation on matters that affect employees, particularly those that have a broad impact across the National Archives.

The chair of the committee is the Assistant Director-General, Corporate Services and the members are the Director, People Management and Development, two management representatives nominated by the Director-General and four employee representatives.

The Workplace Relations Committee met four times in 2020–21.

Information and Data Governance Committee

The Information and Data Governance Committee is responsible for the governance of National Archives information and data assets. The Committee makes strategic information governance decisions; ensures a consistent and systematic whole-of-agency approach to managing information; ensures coordination of governance activities for information and data assets including the development of frameworks, policies, controls and standards; and monitors the effectiveness of information and data governance activities.

The chair of the committee is the Assistant Director-General, Information and Technology (Chief Information Officer) and the members are Director-General; Assistant Director-General, Access and Public Engagement; Assistant Director-General, Collection Management; Chief Information Governance Officer.

The Information and Data Governance Committee met four times in 2020–21.

COVID-19 Taskforce

The COVID-19 Taskforce was formed to coordinate the National Archives’ response to the pandemic. Its main role is to ensure the health and safety of staff while maintaining the delivery of essential services. In 2020–21, the taskforce continued to:

  • ensure working arrangements in offices across Australia are compliant with their states’ public health directions and COVIDSafe plans
  • provide guidance and support for staff working from home
  • provide updates and communicate requirements to staff on COVID-19 situation across Australia.

Since January 2021, the National Archives has been managing the ongoing COVID-19 situation through business-as-usual business continuity arrangements and has continued to comply with government guidelines such as using a QR code to check in.

Corporate governance and risk

Corporate governance

The National Archives’ work program focuses on enabling efficient, effective and ethical corporate governance; sound corporate and strategic business planning, reporting and policy development; accountable compliance activities; and innovative and prudent management.

This year, the National Archives provided the Minister and Assistant Minister with a Statement of Intent setting out immediate priorities to fulfil its legislated remit to lead information policy and management standards for the Australian Government.

In 2020–21, the National Archives’ corporate focus was on finalising, implementing and socialising its governance policies and guidelines as set out in frameworks.

Risk management

The National Archives’ risk maturity continues to grow through revised risk management framework, including the policy, plan, guide and tools. In 2020–21, the National Archives Strategic Risk Register was reviewed, as well as four specific risk registers Business Continuity, Fraud and Corruption Control, Security, and Information Governance.The Risk Communication Plan was endorsed by the Audit and Risk Committee for implementation in 2021–22.

Internal audit

The National Archives’ internal audit framework is delivered by contracted professional auditors in consultation with the Executive Board. Audits are based on strategic priorities, risk management and governance controls. In 2020–21, internal audits were conducted or finalised on:

  • Whole-of-government information policy – Digital Continuity 2020 and Building Trust in the Public Record
  • Program implementation and delivery
  • Protective security policy framework obligations review
  • Collection Management Phase 1.

Fraud measures

The National Archives’ fraud and corruption control framework outlines the strategies, governance and procedures in place to protect against fraud and corruption-related risks to the staff, information and assets.

In 2020–21, the National Archives conducted a new fraud and corruption risk assessment consistent with the PGPA Rule. It is intended that this will be finalised early in 2021–22.

No instance of fraud was reported via the National Archives’ fraud reporting telephone and email hotlines or through written correspondence to the Fraud Control Officer.

Ethical standards

The National Archives operates a program of mandatory online learning for all staff to maintain a strong understanding of ethical standards and behaviour expectations. The program schedule includes courses such as protective security, fraud awareness and Commonwealth resource management. Additionally, new staff participate in an induction program that includes training on ethical standards.

In 2020–21, one public interest disclosure received in 2019–20 was finalised and nil breaches of the APS Code of Conduct were determined. No requests were made to review a human resource decision, and no appeals were made to external authorities.

Freedom of information

In 2020–21, the National Archives received 11 valid freedom of information (FOI) requests. The results of those requests were as follows:

  • 7 requests were finalised within the required timeframe, granting access in full or part
  • 1 request was withdrawn
  • 1 request was transferred to another agency
  • 1 request was refused (documents were not in possession of the National Archives but were publicly available, so the applicant was provided with the relevant links)
  • 1 request was still being processed as at 30 June 2021.

Information Public Scheme

Entities subject to the Freedom of Information Act 1982 (FOI Act) are required to publish information to the public as part of the Information Publication Scheme (IPS).

This requirement is in Part II of the FOI Act and has replaced the former requirement to publish a Section 8 statement in an annual report. Each entity must display on its website a plan showing what information it publishes in accordance with the IPS requirements.

The National Archives complies with the requirement to public information to the public as part of the IPS. A plan outlining what information is published in accordance with the IPS requirements can be found on the National Archives website, naa.gov.au.


In 2020–21, the National Archives updated its privacy policy and created a privacy management plan consistent with its obligations under the Privacy (Australian Government Agencies – Governance) APP Code 2017.

In 2020–21, the National Archives:

  • received and finalised one written privacy complaint (this did not involve data breaches that required notification to the Privacy Commissioner)
  • received 10 Privacy Impact Assessments for review, 8 of which were finalised within the financial year and 2 were still under assessment as at 30 June 2021.

Information governance

The National Archives aims to be a forward-looking and innovative, employing best practice approaches for the management of information and data assets. This includes implementing the Building Trust in the Public Record policy and the Information Management Standard for Australian Government.

The National Archives’ information and data governance framework affirms its commitment to effective governance and management for all information and data assets; clearly defines the standards, expectations and responsibilities for managing information and data; and ensures that the National Archives’ information and data management practices meet legal obligations, accountability requirements, business needs and stakeholder expectations.

In 2020–21, the National Archives continued to strengthen its information governance framework, policies and processes. It has met the final targets for the Digital Continuity 2020 policy. Work has commenced on meeting the targets identified in the Building Trust in the Public Record policy and the Foundational Four requirements of the Office of the National Data Commissioner. Gap assessments against the requirements have been completed and an initial roadmap developed to meet the targets.