Archives New Zealand. Te Rua Mahara o te Kāwanatanga

Public Records Act 2005 — Audit Self-Assessment

Frequently Asked Questions

« Back to Survey Welcome

Why has the audit self-assessment application been developed?

In 2008/2009 an audit tool (Word based) that supported the assessment of compliance with the Public Records Act 2005 and related mandatory standards was developed through extensive consultation.

This audit tool has been developed into a web-based self-assessment application which allows public offices to gather information to develop their own compliance and recordkeeping capability profile.

The audit self-assessment of compliance and capability forms an important part of the audit process and is a mandatory step in the process for a public office being audited (Audit Client).

What is the basis of the audit self-assessment application?

The audit self-assessment application is based upon the recordkeeping requirements of the Public Records Act 2005 and the related mandatory recordkeeping standards:

  • S7 Create and Maintain Recordkeeping Standard
  • S2 Storage Standard
  • S8 Electronic Recordkeeping Metadata Standard

How will the self assessment be used in the audit process?

The self-assessment data will be used to form part of the audit plan. Audit plans will incorporate:

  • The Audit Client self-assessment
  • Validation of the self-assessment & desktop audit of documentation
  • On-site audits/spot checks to further validate and examine high-probability, high-impact business risks associated with recordkeeping.

What is an Audit Client?

An Audit Client is a public office that has been scheduled for a public records act audit. Their access to the self-assessment application requires a keycode provided to the client by Archives New Zealand. The keycode is allocated by the system once the audit client details are added by the Audit Programme Coordinator.

Does my data get saved if I do not complete the self-assessment in one session?

The self-assessment information is saved during and after each session, and an Audit Client can complete their self-assessment in multiple sessions.

Audit Clients self-assessments data will be saved and can be viewed by the Auditors. No audit client is able to view any other audit client data.

What is my self-assessment data used for?

The audit self-assessment data is one of the considerations used to develop the audit plan.

Other considerations are a) business intelligence gathered as part of the planning process; b) scope of the audit as determined during the engagement meeting; c) analysis of the documentation provided for the desktop audit.

How is the audit self-assessment structured?

The audit self-assessment is structured into:

  1. Eight areas of recordkeeping compliance, and within these
  2. Three stages of achievement

What are the eight areas of recordkeeping compliance and the three stages of achievement?

The eight areas of recordkeeping compliance, with areas 1 – 4 reflecting the management business activities and areas 5 – 8 the more specific operational requirements, are as follows:

General Business Activities

  1. Planning
  2. Resourcing
  3. Training
  4. Reporting

Specific Recordkeeping Practice

  1. Creation and Capture
  2. Retrievability and Security
  3. Maintenance and Storage
  4. Disposal and Transfer

The three stages of achievement are:

  1. Initiation - needs identified and solutions examined, evidence of planning, systems designed or redesigned
  2. Establishment – evidence of practical application
  3. Extending Capability – evidence of good practice, including regular review and monitoring etc.

What is the numbering regime within the self-assessment?

The numbering regime, for example 1.1.1, reflects the area of compliance/ achievement stage/question number


  • 1.1.1: (1) Planning (1) Initiation (1) Question 1
  • 1.1.2: (1) Planning (1) Initiation (2) Question 2
  • 1.2.1: (1) Planning (2) Establishment (1) Question 1

If you can’t find the answer to your question, please contact us at

For more information on the Public Records Act Audit Programme visit our website: