Australian Government - Office of the Australian Information Commissioner - Home

Collection and security of student personal information – Canberra Institute of Technology: Audit report

Final audit report
Information privacy principles audit
Section 27(1)(h) Privacy Act 1988

Audit undertaken: 4–5 December 2013
Draft report issued: 17 March 2014
Final report issued: 8 April 2014

On this page

  1. Part 1 — Introduction
    1. Background
  2. Part 2 — Description of audit
    1. Purpose
    2. Objective and scope
    3. Timing and location
    4. Methodology
    5. Information obtained during the audit
    6. Opinion
    7. Reporting
  3. Part 3 — Description of auditee
    1. Overview
    2. CIT areas relevant to the audit
  4. Part 4 — Audit issues
    1. IPP 1 issues — Manner and purpose of collection of personal information
    2. IPP 2 issues — Notice of collection
    3. IPP 3 issues — Solicitation of personal information generally
    4. IPP 4 issues — Data security
    5. Other identified issues
  5. Part 5 — Summary of recommendations
    1. Recommendation 1 – Provide comprehensive privacy notices on all relevant forms
    2. Recommendation 2 – Ensure all privacy notices on forms are reviewed systematically
    3. Recommendation 3 – Improve consistency in hard-copy (paper-based) record keeping practices
    4. Recommendation 4 – Undertake a census of all hard-copy (paper-based) student records
    5. Recommendation 5 – Develop a policy to cover staff transfer of student information off campus
    6. Recommendation 6 – Clearly mark any portable physical electronic assets with information to assist the return of these assets to CIT if lost or stolen
    7. Recommendation 7 – Utilise all available lockable storage
    8. Recommendation 8 – Compulsory password change for student access to their accounts on self-service system and eLearn systems
    9. Recommendation 9 – privacy training
    10. Recommendation 10 – Privacy Contact Officer
  6. Appendix A – Documents gathered pre-fieldwork
  7. Appendix B – Documents gathered during fieldwork period
  8. Appendix C – Documents gathered post-fieldwork
  9. Appendix D – Assessment Matrix 1
    1. CIT enrolment forms
    2. CIT student & academic services forms
    3. CIT automotive & metals form
    4. CIT solutions forms
  10. Appendix E – Assessment Matrix 2
    1. CIT forms where purpose of collection is obvious and usual disclosures are unlikely

Part 1 — Introduction

Background

1.1 The Australian Government and the Australian Capital Territory (ACT) Government have a Memorandum of Understanding (MOU) for the provision of privacy services in relation to ACT Government agencies.

1.2 In December 2013 the Office of the Australian Information Commissioner (the OAIC) conducted an audit of the Canberra Institute of Technology (CIT) as a part of this agreement, using its powers under s 27(1)(h) of the Privacy Act 1988 (Cth) (the Privacy Act).

Part 2 — Description of audit

Purpose

2.1 The purpose of the audit was to assess whether CIT is maintaining its records of student personal information in accordance with selected Information Privacy Principles (IPPs) contained in s 14 of the Privacy Act. Specifically, the audit considered CIT’s collection of student information, the notifications it provides to students during collection and the security safeguards CIT has in place to protect the student information it holds.

Objective and scope

2.2 The objective of the audit was to assess CIT’s collection and maintenance of student personal information, in accordance with its obligations under the IPPs regarding collection (IPP 1 and IPP 3), notification (IPP 2) and storage and security (IPP 4(a)).

2.3 The auditors particularly considered: student pre-enrolment, enrolment and post-enrolment collections; CIT forms where information is solicited directly from students; physical and IT storage and security of student records; and CIT’s use of ‘Point of View’ (POV) glasses within the CIT Trade Skills & Vocational Learning Teaching College.

2.4 The audit only included fieldwork conducted at CIT’s Reid and Fyshwick campuses.

2.5 The audit did not assess CIT’s:

  • maintenance of personal information in accordance with IPPs 4(b) to 11
  • obligations under the IPPs when handling non-student records such as employee records
  • handling of student health information, as privacy issues relating to ACT health records are subject to the requirements of the Health Records (Privacy and Access) Act 1997 (ACT), rather than the Privacy Act.

Timing and location

2.6 The audit was undertaken on 4 and 5 December 2013 at the CIT Reid campus (37 Constitution Avenue) and the CIT Fyshwick campus (81 Mildura Rd).

Methodology

2.7 The audit fieldwork included:

  • a document review of CIT guidance materials developed to assist staff when collecting and securing students’ personal information including business policies and procedures and staff training material
  • a review of CIT’s relevant notices and forms
  • a review of online resources and publications available to students regarding CIT’s education services and organisation
  • site inspection of CIT facilities and campuses at Reid and Fyshwick
  • semi-structured interviews with key CIT staff, to assess CIT’s processes, procedures, training and staff awareness around the collection and security of student information.

Information obtained during the audit

2.8 CIT provided several documents prior to, during and after the fieldwork for this audit. A full list of the information obtained prior to conducting fieldwork is at Appendix A.

2.9 Information and documents gathered from CIT during the audit fieldwork period and post fieldwork are listed in Appendix B and Appendix C of this report. This does not include any forms relating to issues outside the scope of this audit.

Opinion

2.10 The auditors are of the opinion that CIT is generally collecting and maintaining its records of student personal information in accordance with IPPs 1, 2, 3 and 4(a) within the scope of this audit.

2.11 The auditors identified some privacy risks to CIT’s student personal information handling practices and have made recommendations in relation to these.

2.12 A recommendation is a suggested course of action or a control measure that, if put in place by the agency, will (in the opinion of the OAIC) minimise the risks identified around how personal information is handled against the relevant criterion.

Reporting

2.13 To the extent possible, the OAIC publishes final audit reports in full or abridged versions on its website, www.oaic.gov.au. It is sometimes inappropriate to publish all or part of a report because of statutory secrecy provisions or for reasons of privacy, confidentiality, security or privilege.

Part 3 — Description of auditee

Overview

3.1 CIT is a technical and further education institute that provides vocational education and training to the ACT and region. Its status as a statutory authority is governed by the Canberra Institute of Technology Act 1987 (ACT).

3.2 According to its 2012 Annual Report, CIT had 35,700 student enrolments and granted 6900 awards to graduates.

3.3 CIT consists of the following five Teaching Colleges:

  • CIT Business, Tourism & Accounting
  • CIT Communication
  • CIT Building Technology & Design
  • CIT Health, Community & Science
  • CIT Trade Skills & Vocational Learning.

3.4 In addition, CIT has four support centres: CIT Corporate Services, CIT People & Organisational Governance, CIT Brand & Business Development and CIT Student & Academic Services.

3.5 CIT also wholly owns CIT Solutions Pty Ltd (CIT Solutions), a subsidiary that is responsible for the recruitment of international students. CIT Solutions provides a range of short courses and accredited qualifications, adult and community education programs and a range of training-related consultancies and advice.

CIT areas relevant to the audit

3.6 The auditors interviewed staff from the following areas within CIT:

  • CIT Corporate Services:
    • the Records Management Unit (RMU), responsible for maintaining CIT’s paper-based records (including paper-based student records).
    • Training Initiatives (User Choice) area, responsible for Trainees and Apprentices in CIT’s programs.
    • Student Management Systems (Banner) team and Shared Services ICT (CIT) area, together responsible for maintaining ‘Banner’, CIT’s primary electronic recording system for student information.
  • CIT Student & Academic Services:
    • Student Services, responsible for student enrolments and handling student enquiries.
    • Student Support, which provides support services to students enrolled at CIT including disability support and migrant and refugee support.
    • Library and Learning Services, which manages CIT’s library services and flexible learning centre facilities.
    • Student Records & Graduation, responsible for processing student requests for their awards and transcripts.
    • Education Design & Technology (Flex: Ed), responsible for introducing new technology in CIT’s learning environment including POV glasses.
  • CIT Trade Skills & Vocational Learning Teaching College:
    • Automotive and Metals areas.
  • CIT People and Governance, which handles privacy complaints about CIT, develops and implements CIT’s audit and review program and other compliance initiatives and policies. Specifically, the auditors interviewed staff from:
    • Government Relations
    • HR Policy.

3.7 The auditors also interviewed a representative from CIT Solutions in relation to the collection of overseas student information and the notification provided to these students at the point of collection.

Part 4 — Audit issues

The following findings and recommendations relate to the auditors’ consideration of CIT’s maintenance of student personal information in accordance with IPPs 1 to 4(a).

The IPPs are available at www.oaic.gov.au.

IPP 1 issues — Manner and purpose of collection of personal information

IPP 1 provides that an agency shall not collect personal information unless the collection is for a lawful purpose directly related to the collector’s functions or activities and the collection is necessary or directly related to that purpose.

Observations

4.1 The collection of students’ personal information by CIT occurs at three main stages – pre-enrolment, enrolment and post-enrolment (including re-enrolment of existing students).

Pre-enrolment

4.2 Some collection of personal information occurs prior to a student enrolling at CIT. For example, potential students submit an application form to CIT indicating their interest in a course prior to the formal enrolment at CIT.

4.3 Student Support Services also advised that they may collect personal information about prospective students (in relation to Migrant Support or Disability Services) prior to enrolment. This information is usually collected directly from the prospective student, rather than from a third party (eg a carer or legal guardian).

4.4 Many individuals may also attend information sessions at which CIT Student Services staff provide program, course and enrolment information.

4.5 CIT Solutions, which handles the recruitment and enrolment of international students, also collects international students’ personal information prior to enrolment.

4.6 The auditors were advised that CIT Solutions has representatives worldwide through whom international students may apply for entry into CIT programs.

4.7 When applying for entry into CIT, international students will provide CIT Solutions with their contact and personal details, Overseas Student Health Cover information, Australian Visa information, academic information (including transcripts), passport or birth certificate information and English language test results.

4.8 Applications may be accepted in hard copy or electronically, and are stored on a separate IT system for international students (iSam).

4.9 The auditors reviewed the application forms used by CIT Solutions to collect student information and observed that the information CIT Solutions requests from students during the application process is necessary and directly related to CIT’s function of providing educational services to these students.

Enrolment

4.10 The major collection of student information held by CIT occurs at the point when students formally enrol to complete a course at CIT. The Student Services area is primarily responsible for student enrolments.

4.11 Prospective students may enrol either in person at a CIT campus or by using an online application process through the CIT Student Self Service system.

Enrolling in person

4.12 When enrolling in person, a student will complete a CIT Enrolment form (which includes specific subjects) and provide it to a shopfront staff member located at the campus’ Student Services Hub.

4.13 For a direct enrolment, the student is required to pass a Proof of Identity (POI) check by providing three forms of identification, such as photo ID (eg driver’s licence, passport) and other forms of identification (eg Medicare card).

4.14 Student Services staff will sight the original documents and return these to the student (ie no copies are made).

4.15 If an enrolling student wishes to apply for a concession to their fees, they must provide their consent for CIT to access and verify their concessional status on a Centrelink database.

4.16 An invoice will then be processed, and the student information uploaded onto CIT’s main electronic student management system, known as Banner.

Online enrolment

4.17 The auditors were advised that CIT’s online enrolment system is still being developed further.

4.18 Currently, to enrol online, an individual accesses a student ‘self-service portal’ and creates their own username and password. They will then complete the online application and enrolment forms and submit these.

4.19 A CIT staff member will subsequently contact the student about their online enrolment and obtain scanned certified ID documents to fulfil the student POI check. Once the student’s identity has been verified, the scanned documents are destroyed.

4.20 The staff member then generates an invoice for the student and mails it to them, which completes the online enrolment process.

Information collected at enrolment

4.21 The information CIT collects about new students at enrolment includes:

  • contact details
  • date of birth
  • citizenship status
  • demographic information such as ethnicity, employment status and any disability impairment
  • program enrolment information
  • Centrelink reference numbers and Centrelink concession status, if relevant
  • education level of their parents or guardians.

4.22 CIT’s collection of demographic information and educational level of parents or guardians is generally required as CIT has obligations to report such information to the National Centre for Vocational Education Research Ltd (NCVER).

Enrolment of Apprentices and Trainees

4.23 The collection of enrolment information for Apprentices and Trainees is handled by the Training Initiatives (User Choice) area within the CIT Corporate Services support centre.

4.24 Generally, the Australian Apprenticeship Centre will notify CIT of a potential student Apprentice or Trainee who wants to enrol at CIT. CIT then contacts the student and their employer to arrange for the student to complete an Australian Apprenticeship Registration, which is the enrolment form for apprentices and trainees.

4.25 Apprentices and trainees may also contact CIT directly to enrol for the first time. The auditors were advised that there may be occasions where CIT staff visit the employer’s workplace to complete the enrolment process.

4.26 There is currently no online enrolment option for Apprentices and Trainees.

4.27 The information that CIT collects from Apprentices and Trainees is generally the same as that collected from other students. In addition, however, CIT collects some information about their employer, as the employer may be invoiced for the student’s fees, and assessment result information for the student will be provided to the employer.

4.28 The auditors also reviewed CIT’s Australian Apprenticeship Registration form, which Apprentices and Trainees complete when enrolling at CIT, and did not observe any unnecessary personal information collection by CIT.

Enrolment of International students

4.29 Once an international student is accepted into CIT, they are provided with a Letter of Acceptance (which contains their course and fee information) for signing.

Post-enrolment

4.30 After a student has been accepted into CIT, a range of expected information will be collected regarding student attendance, academic progress and any disciplinary or misconduct proceedings involving the student.

4.31 Students may also access a range of other services provided by CIT which may lead to a collection of their information. These include Student Support Services, which provides Peer-tutoring Services, Disability Support Services, Migrant Support Services, International Student Pastoral Care and Youth support services.

CIT Teaching Colleges

4.32 CIT teaching colleges are responsible for teaching students and therefore routinely collect students’ assessment and attendance information.

4.33 The auditors only observed the collection practices of the Automotive and Metals areas within the CIT Trade Skills & Vocational Learning Teaching College.

4.34 Inspection of the Automotive and Metals areas showed that teachers were collecting directly relevant information such as student details, attendance records, employer information and assessment evidence for purposes such as providing updates to employers about students’ progress and assessing students’ course competencies.

POV Glasses

4.35 The Education Design & Technology area was the first to introduce POV glasses to CIT.

4.36 The auditors observed that POV glasses are similar to heavy frame sunglasses. However, they have a camera within the frame of the glasses, and a light will flash on the glasses when they are being used to record.

4.37 In addition to POV glasses, CIT also uses three different types of cameras:

  • ‘GoPro’ cameras that are worn on the chest or the head
  • a camera that is worn behind the ear
  • a ‘flip’ camera, which is a handheld video recorder.

4.38 These devices record footage onto a microSD card, which will then be downloaded onto a laptop/computer drive and uploaded onto CIT’s online learning system.

4.39 Currently, the Metals area and the Sport, Fitness & Wellbeing area (within the CIT Health, Community & Science Teaching College) use these recording devices.

4.40 The auditors observed in the Metals area that flip cameras are now being used in place of POV glasses to record apprentice students’ completion of assessment tasks.

4.41 The flip cameras (previously the POV glasses) are used by teachers to record students’ work with the students’ permission and awareness. Students may also use the cameras to record their completion of assessment tasks in the workshop; however, they are always under teacher supervision when doing so.

4.42 Once recording is completed for the day, the teacher responsible uploads all of the recorded footage onto their secured laptop and then clears the memory on the used recording device. The footage is then backed up on the Metals area’s I:Drive.

4.43 The auditors observed examples of the recordings taken in the Metals area and noted all were focused upon the assessment task that the student had to complete and the footage captured was relevant for assessment purposes.

Library and Flexible Learning Centres

4.44 The audit did not focus upon CIT’s Library and Learning Services area because the student information this area collects is limited. For example, it generally only collects information about students’ use of library services, such as book borrowing.

4.45 Furthermore, the auditors observed that the flexible learning centres consisted of computer facilities and desk spaces provided for flexible learning students to use.

4.46 Student Services handles the enrolments for flexible learning, except for the centres at the Gungahlin and Tuggeranong campuses, which are outside the scope of the audit.

Student Support

4.47 CIT Student Support collects personal information about students that seek or require further assistance during the course of their studies. As previously mentioned, CIT Student Support provides services including Peer Tutoring, Disability Support and Migrant Support.

4.48 The information collected by CIT Student Support includes:

  • details about the issues that result in students requiring support
  • details about students’ existing support networks
  • other relevant background information.

4.49 This information is collected in order to assist staff to provide appropriate support services to students. The Student Support forms used to record this information (such as the CIT Student Support – Migrant Support Registration Form) show that students provide their consent to the information being collected.

4.50 The auditors observed that the student information CIT Student Support collects is relevant for the area’s purposes.

Privacy issues

4.51 The auditors are of the view that the collections of student information by CIT that have been observed appear to have been for lawful purposes directly related to CIT’s functions and activities as an educational institution and necessary for those purposes.

4.52 Furthermore, the auditors did not observe CIT collecting students’ personal information using unlawful or unfair means.

4.53 The auditors consider that CIT has collected students’ personal information in accordance with IPP 1 obligations, and make no privacy recommendations in relation to this aspect of the audit.

IPP 2 issues — Notice of collection

IPP 2 sets out the notice requirements which apply to ACT Government agencies when collecting personal information directly from an individual, for inclusion in a record or generally available publication. Specifically, IPP 2 states that where:

  • a collector collects personal information for inclusion in a record or in a generally available publication; and
  • the information is solicited by the collector from the individual concerned;

the collector must take reasonable steps to ensure that, before information is collected or, as soon as practicable after this occurs, the individual is made generally aware of:

  • the purpose for which the information is being collected
  • any legal authorisation or requirement to collect the information
  • any entities to which this information is usually disclosed.

Observations

4.54 This audit reviewed CIT forms that collect personal information directly from students provided by CIT before and during the fieldwork period. These forms are listed in Appendices A, B and C.

4.55 CIT staff advised that CIT reviews the forms on an ongoing basis and updates them as required. For example, CIT updates the forms to reflect a change in policy.

4.56 CIT’s People and Governance area advised that no students had submitted privacy complaints about CIT providing insufficient notice on its collection forms regarding its collection purposes, usual disclosures or legal authorisation for the collections.

4.57 Auditors observed that the majority of these forms contained appropriate notifications and so meet CIT’s IPP 2 obligations.

4.58 Assessment Matrix 1, located in Appendix D of this report, provides a general assessment of IPP 2 notices in the forms provided by CIT Student and Academic Services, the Automotive and Metals area, the Training Initiatives (User Choice) area and CIT Solutions.

4.59 Good examples of IPP 2 privacy notices were observed in the CIT Application for Award and Fee Training Places for Single and Teenage Parent ACT – CIT and Self-Referral forms. In both of these forms, the privacy notice set out at the end of the forms explicitly details CIT’s purpose for collection and the entities to whom it may disclose the information.

4.60 The auditors noted five forms (see Assessment Matrix 2, Appendix E) that did not contain specific privacy notices but which collect personal information from students for clear purposes (as indicated by the title of the forms and the information detailed within the forms), are not collecting information due to any law and are unlikely to be disclosed to third parties.

4.61 The Guidelines to the Information Privacy Principles 1-3 (available at: www.oaic.gov.au/privacy/privacy-act/information-privacy-principles) indicate that ‘if an agency uses a title on its forms that reasonably explains the purpose of collection, it does not have to give any more details about its purpose’. These guidelines also indicate that an agency cannot later argue that the collection had a purpose that was beyond that suggested by the title of the form.

4.62 The auditors consider that the notifications in these five particular forms are in accordance with IPP 2, even though they do not contain explicit privacy notices. However, the purposes for which the information collected in these forms can be used will be restricted to that indicated in the titles of the forms.

4.63 The following eight CIT forms did not meet some of the notification requirements of IPP 2, and should be amended by CIT as follows:

  • Proxy Enrolment Form - does not contain a specific privacy notice. While the purpose for collecting students’ personal information for enrolment is implied, this form would be improved by the insertion of a privacy notice explicitly outlining the purpose of collection, legal authority to collect (if applicable) and any usual disclosures that may occur (ie as in the CIT Enrolment Form).

  • CIT Application Form - indicates the potential student’s information is protected from unauthorised disclosure by the Privacy Act. However, the form does not provide any information about the purposes for which the information is being collected, or any usual disclosures that may occur.

  • CIT Student ID Check - does not contain a specific privacy notice. The auditors acknowledge that a student would have completed an enrolment form prior to this form. CIT also destroys any supplied copies of identity documents after completing the identity check. However, due to the nature of the information collected using this form, it would be expected that a specific privacy notice covering IPP 2 issues would be included on this form.

  • CIT Entry Requirement Evidence - does not contain a specific privacy notice. The auditors note that the purpose for the collection of student information is suggested by the ‘Instructions’ provided at the start of the form. However, as quite detailed information may be collected about a student (and a student may submit this prior to enrolling in CIT), it would be expected that this form includes a notice outlining the purpose of collection, legal authority to collect and any usual disclosures of this information.

  • Under 17 Year Old ALERT - does not provide a privacy notice advising the purpose of collection or any legal authority under which CIT is authorised to collect this information. The form does specify that CIT is required to disclose information about under 17 year olds’ enrolments to the ACT Education and Training Directorate.

  • CIT Accommodation Booking - does not contain a specific privacy notice. The auditors also note this form requests information about the student’s religion, which is ‘sensitive information’ according to s 6 of the Privacy Act.

  • CIT Solutions’ Request for Refund and Confirmation of Third Party Authorisation forms – do not contain specific privacy notices. While these two forms’ collection purposes appear clear from their titles, there may be usual disclosures of this information that should be detailed on the forms.

4.64 The following forms were identified by the audit team as containing an IPP 2 privacy notice that could be improved to better meet IPP 2 obligations as follows:

  • Some enrolment forms (eg Workplace Skills Enrolment Form) indicate that demographic information (such as schooling level and ethnic background) is collected for ‘the purpose of National Reporting and CIT Planning’. The form could better meet IPP 2 obligations by providing a brief reference to the legislation requiring the collection of this information.

  • During the audit fieldwork, CIT provided an updated copy of a soon to be published CIT Enrolment Form. The updated form has removed a reference to collecting demographic information for ‘National Reporting Purposes and CIT Planning’. If the information collected will still be used for this purpose, the form would better meet IPP 2 obligations by setting out clearly what this purpose is, any legislation that requires this collection by CIT and which agencies this information may usually be disclosed to for this purpose.

  • Student Support’s registration forms do not specifically state the purposes for which the information collected will be used. While the auditors acknowledge that these registration forms are completed in conversation with the student and the purpose of collection is assumed to be implied, the registration forms would better meet IPP 2 obligations by more explicitly stating the purpose(s) and/or any usual disclosures of the information collected clearly at the start of each form.

  • Personal Details Variation Form indicates ‘Personal data is protected from unauthorised disclosure’ by the Privacy Act. However, this statement does not inform students that the Privacy Act may authorise the disclosure of their information (and that CIT may disclose their information) in certain circumstances.

  • The CIT Media Consent Form appears to be widely used by various areas within CIT. While the form’s purpose is apparent from the title, the generality of the form and the fact it is used by many different areas of CIT means that there is a risk students may not be fully aware of the agencies or bodies to whom the collected information may be disclosed and therefore, the disclosures to which they are consenting when signing the form. For example, students’ assessment work may form part of CIT’s industry validation process in the future, but students may not understand this when signing the form at the start of the semester.

Privacy issues

4.65 Auditors found that the forms used by CIT to collect personal information directly from students are generally maintained in accordance with IPP 2.

4.66 However, the audit identified eight forms that did not have an appropriate privacy notification in line with IPP 2 obligations.

4.67 A number of other forms were also identified where the IPP 2 notifications could be improved by CIT.

4.68 The ongoing or ad-hoc review of forms by CIT increases the risk that CIT will not identify or update any inadequate IPP 2 notifications on a particular form unless there is a major policy or procedural change involving the form.

Recommendations

The following recommendations are made in relation to IPP 2 notification.

Recommendation 1 – Provide comprehensive privacy notices on all relevant forms

4.69 The auditors recommend that CIT includes a clear privacy notice on all forms used to collect student information, which clearly sets out the purpose for the collection, any entities to which the information may usually be disclosed and any legal authority or requirement for the collection.

Recommendation 2 – Ensure all privacy notices on forms are reviewed systematically

4.70 The auditors recommend that CIT establishes a process or procedure to regularly review all of the forms used to collect personal information from students, to ensure that all forms continue to meet the requirements of IPP 2.

IPP 3 issues — Solicitation of personal information generally

IPP 3 provides that, where a collector solicits and collects personal information generally, it must take steps that are reasonable in the circumstances to ensure that, having regard to the purpose for which the information is collected, the information is relevant to that purpose, up to date and complete, and that the collection does not intrude to an unreasonable extent on the individual’s personal affairs.

Observations

4.71 The auditors noted that the majority of the student personal information CIT collects is collected directly from students. Where student information is initially collected from a third party, CIT advises that it will still verify the information solicited with the student.

4.72 For example, the Student Support area mainly obtains clients when students either nominate on their enrolment forms to use the support services or approach them directly. A student’s teacher, parent or guardian, or an external entity (eg job agencies) may also refer a student to Student Support or make Student Support aware of a student who may require assistance.

4.73 However, Student Support staff advised they always speak to the student directly about their requirements and available assistance services after receiving a third party referral. This ensures the information they collect about a student is relevant for their purposes, up to date and complete.

4.74 Auditors observed that CIT teaching staff controlled the use of recording devices (such as the POV or flip cameras) in the Metals area and recording was focused on the relevant assessment task footage. The auditors were not aware of any information that would suggest the POV or flip cameras had been used to collect non-assessment related information.

4.75 CIT’s People and Governance area advised it had not received any complaints from students regarding the use of recording devices (such as the POV or flip cameras) to collect personal information.

Privacy issues

4.76 The collection of student information directly from students where possible reduces the risk that the information collected is not up to date or incomplete.

4.77 There is a risk that where POV glasses (or other recording devices) are used during a class, non-assessment related information may be recorded about other students without their knowledge. Any such collection may intrude to an unreasonable extent upon the personal affairs of the student who is the subject of the recording. Note, however, that the auditors did not observe CIT collecting personal information from students in a manner that unreasonably intruded upon their personal affairs.

4.78 The auditors are of the view that CIT’s collection of student information appears to be in accordance with its IPP 3 obligations. As such, there are no privacy recommendations in relation to this aspect of the assessment.

IPP 4 issues — Data security

IPP 4(a) states that an agency which has possession or control of a record that contains personal information shall ensure that the record is protected, by such security safeguards as it is reasonable in the circumstances to take, against loss, against unauthorised access, use, modification or disclosure and against other misuse.

Observations – Physical security and storage

4.79 Ultimately, all of CIT’s paper based records including student records are the responsibility of the Records Management Unit (RMU). Each CIT area has responsibility for securing these records while they are holding them for work purposes.

4.80 According to CIT’s Records Management Policy, all paper based records should be placed on an official CIT file. RMU is responsible for creating official CIT files and does so upon receiving a file creation form.

4.81 RMU records the creation of a new file on its electronic record keeping system, Recfind6. Recfind6 only records limited information such as the title of the file and where it is currently located.

4.82 RMU then sends the physical files to the area requesting the file for work purposes and the file is kept there. When that area no longer requires the file, it returns it to RMU for archive storage.

4.83 Complaints from students (including privacy complaints), cases of student misconduct and student academic records are examples of student information that are kept on official CIT files and archived in RMU. Teaching Colleges’ roll books and student attendance records are also to be archived with RMU once they are no longer required for work purposes.

4.84 Paper based student forms submitted by students to Student Services, such as enrolment forms, are initially stored in the Student Services storage facilities for a period of 12 to 18 months. After this time, these records are all placed into storage boxes and transferred to RMU for storage.

4.85 These boxed records are kept at RMU’s storage facility at CIT’s Bruce campus. RMU staff advised the facility is a secured room and requires a key and a code to enter. Further, only a limited number of identified CIT staff (ie two RMU staff and the Bruce campus’s Estate Manager) have access to this facility.

4.86 The auditors observed in the Automotive area that some student records (such as student attendance sheets) did not appear to be stored on official CIT files. It was not clear whether staff were aware of CIT policy that these records should be placed on official CIT files and archived with RMU in due course.

4.87 RMU staff also indicated that CIT had not undertaken a census of CIT’s paper-based records for a number of years. Because of this, there was some uncertainty around whether records’ locations are appropriately reflected in Recfind6. RMU were also unable to estimate how many records on Recfind6 may be missing or no longer accurate.

4.88 RMU employs a courier to transport CIT files and correspondence (including student information) in a secured van between its campus at Reid and CIT’s other campuses.

4.89 The auditors were advised that, in some instances, student records may be transported off campus by staff for work purposes. Examples of this include:

  • teachers in the Metals area taking home their assigned work laptops, which contain student roll books and assessment information

  • Student Support staff taking home the daybooks in which they may record a small amount of student information during the work day.

4.90 Generally, the auditors noted that CIT staff were aware that paper based student records needed to be protected from unauthorised access, use, modification and disclosure. For example, staff who transported student information from work to home indicated that they keep the information secure at home.

4.91 However, the auditors noted that there did not appear to be a specific CIT policy providing staff with information about how they should secure and store any student records they take off-campus.

4.92 The auditors also noted that the laptops used by staff in the Metals area did not have any information on them indicating where they should be returned in the event that they are lost (eg a return address or contact telephone number).

4.93 The auditors consider that overall, paper-based student records appeared to be stored securely. For example:

  • the RMU area stored ‘in confidence’ student records in locked compactuses in a locked storage room at the back of the RMU area on the Reid campus. Other student records such as boxed completed apprentice registration forms were also kept in the locked storage room.

  • the Reid campus Student Services area staff place student forms (such as enrolment forms and Centrelink consent forms) in locked drawers at their work station after completing a face to face transaction with a student. Subsequently (and on the same day) these forms are filed in alphabetical order in a compactus in a storage room in the area’s back room.

4.94 The auditors also noted that CIT has in place additional steps to secure student records containing information of a more sensitive nature. For example, RMU is able to place a limitation alert on ‘in confidence’ files containing sensitive information such as a student’s privacy complaint. The alert indicates that access to the file is restricted to the action officer who originally created the file and permission needs to be granted by that action officer prior to the file being released to any other CIT area.

4.95 However, the auditors also found occasions where available lockable storage did not appear to be used to store student records. These included:

  • the Automotive area’s temporary attendance sheets and student cards (which record student names, contact details, attendance and assessment results) appeared to be kept in folders at the Automotive staff’s desks in the staff room rather than in available lockable filing cabinets. Although the staff room required a key or access code to enter, auditors were advised that other non-Automotive staff could also access this room (eg other faculty teaching staff, cleaning staff)

  • Student Services at the Reid campus did not lock the compactus in which they stored student records and the door to the storage room in which the compactus was located did not have a working lock. However, the back room in which the storage room is located required a separate swipe pass access and only authorised staff had access to this area.

4.96 The auditors acknowledge that, in both of these instances, the rooms in which the records were held were themselves ‘secure’ rooms.

4.97 The auditors also observed that CIT had Closed Circuit Television (CCTV) cameras set up around its Fyshwick and Reid campuses. Signs were clearly posted around these campuses indicating that CCTV cameras were in use. The CCTV cameras add to the security of CIT assets, which include the records of students’ personal information that CIT holds.

Privacy issues – Physical storage and security

4.98 Some CIT staff do not appear to be aware of (or following in practice) the RMU’s record keeping procedures for hard copy (paper-based) student records. This may increase the risk that student information is not being stored and protected appropriately against loss or unauthorised access.

4.99 As the RMU has not undertaken a full census of all of its records for a number of years, there is an increased risk that the information contained on Recfind6 does not accurately reflect the location or availability of student information across CIT campuses. This increases the risk that student records may be lost or subject to unauthorised access, use, modification or disclosure.

4.100 In some instances, staff may need to transport student information off campus, including to their home. While staff demonstrated an awareness of the need to secure student information at all times, they were unable to refer to any specific CIT policy setting out what steps they should take to secure and store these records appropriately. This increases the risk that this information may be lost or subject to unauthorised access, use, modification or disclosure.

4.101 Some portable physical assets (eg laptops) containing student information do not provide any guidance regarding where the laptop (if lost) may be returned, if found by a member of the public. This increases the risk that a physical asset may not easily or readily be returned to CIT, if lost (or stolen and recovered).

4.102 In some instances, it did not appear that available lockable storage facilities were being utilised appropriately by staff to secure and store student personal information. This increases the risk that this information may be subject to unauthorised access, use, modification or disclosure.

Recommendations - Physical storage and security

4.103 The auditors found that CIT were generally handling the paper-based student personal information it possesses in accordance with IPP 4(a) obligations. However, in order to help ensure that CIT is taking reasonable steps, the auditors have identified the following recommendations to address the above privacy issues and risks in relation to physical storage and security.

Recommendation 3 – Improve consistency in hard-copy (paper-based) record keeping practices

4.104 The auditors recommend that CIT takes steps to improve staff awareness and understanding of the appropriate paper-based record keeping practices, consistent with the record keeping procedures established by the RMU.

Recommendation 4 – Undertake a census of all hard-copy (paper-based) student records

4.105 The auditors recommend that CIT undertake a census of all of its paper-based student records, to ensure that these records are appropriately stored and located according to the Recfind6 system. The auditors note that this recommendation may also be addressed as part of CIT’s implementation of the TRIM storage system.

Recommendation 5 – Develop a policy to cover staff transfer of student information off campus

4.106 The auditors recommend that CIT develop and implement a policy to guide staff around the appropriate ways in which they should handle the storage and security of student information if it is transported off campus.

Recommendation 6 – Clearly mark any portable physical electronic assets with return instructions

4.107 The auditors recommend that CIT marks all portable physical electronic assets, which may store student information, with instructions about how to return the assets if they are lost and then found.

Recommendation 7 – Utilise all available lockable storage

4.108 The auditors recommend that all available lockable storage be utilised by CIT staff to secure student personal information, even when the information is stored inside secured rooms such as teaching college staff rooms.

Observations - IT security

4.109 Banner and eLearn are the two main electronic systems used across CIT to maintain electronic student records.

4.110 Banner is the electronic system that holds the majority of CIT’s student information including students’ enrolment information (such as demographic information), academic record and assessment information. The information on Banner informs other CIT systems such as eLearn and the library system (Horizon). However, these other CIT systems do not input information into Banner.

4.111 ELearn is an online learning system that teaching colleges use to distribute course information, run online teaching sessions, complete assessment tasks and upload assessment evidence. ELearn consists of the following three components:

  • Moodle - a learning management system
  • Wimba - a live virtual classroom and collaboration suite
  • Equella - a digital learning object repository.

4.112 The auditors understand that CIT also has a number of other electronic systems that are used within particular areas to maintain student personal information. For example, the Student Records & Graduation area records all of its interactions with students, such as phone contact, in the Client Relationship Management System. However, the current audit considered only the Banner and eLearn systems, given these are the primary systems used to secure and store student information.

Access Controls

4.113 The auditors noted a range of access controls and protections in relation to IT security for the Banner and eLearn systems that CIT uses to store electronic student records.

4.114 Access to Banner is restricted and all access control to this system is managed by the Banner administration team. Staff members’ initial password to log into Banner is created by the Banner team and sent to their CIT email address.

4.115 Upon first Banner login, staff are forced to change their password. The new passwords are required to meet certain complexity requirements (minimum length, alpha-numeric characters). Furthermore, compulsory password changes are required between 30-90 days with staff unable to reuse any of their previous ten passwords. This is consistent with an ACT Whole of Government password policy.

4.116 The auditors observed that there is an automated process in place for revoking network access to employees who cease working at CIT. Notification is then sent to the Banner administration team to also remove these employees’ Banner access.

4.117 CIT students are given access to a restricted version of the Banner system regarding their own personal information through CIT’s ‘self-service’ system and also have access to their own eLearn account.

4.118 Students only require their CIT number and the same password to access both of these systems.

4.119 Upon enrolling, new CIT students are emailed their default password (ie their date of birth) to access the self-service system and eLearn. However, while CIT recommends that students change their password after first logging onto the system, students are not required to do so.

4.120 Teaching staff are also able to access students’ information held on eLearn. It appears that teachers log into eLearn using their CIT number and password, which defaults to their date of birth. Teachers are only able to access student information for students that are attached to a subject of which they are a teacher.

System Controls

4.121 CIT staff are required to complete either face-to-face Banner training (run by the Banner administration team) or online Banner training and pass a practical assessment, prior to being granted access to the system.

4.122 CIT staff are advised to lock their computer and laptop screens when they are logged in, but not attended. Computer and laptop screens also automatically lock after approximately 15 minutes of inactivity.

4.123 Different CIT staff have different levels of access to the records within the Banner system, depending upon their role description and work requirements.

4.124 Each CIT position is assigned a mutually exclusive access class, with staff movement between positions requiring the new manager to request a change to the level of access for the incoming staff member.

4.125 The auditors observed that different CIT areas store student information on their network’s I:Drive. For example, the Student Support area scans students’ registration forms onto the area’s I:Drive and the Automotive and Metals areas upload all of the student information they collect into their shared I:Drive.

4.126 CIT staff advised that access to each area’s I:Drive is restricted to that area’s staff.

4.127 The auditors note that the Automotive teachers and the Metals teachers currently have access to each other’s student information on the I:Drive (although Automotive teachers do not teach Metals’ students and vice versa). However, this access to student information is limited as:

  • the Metals area stores all of its students’ information including personal details, attendance information, assessment information (such as assessment evidence footage recorded using POV glasses or the flip camera) and contact with students’ employers in protected electronic ‘roll books’. These roll books are all individually password protected and only teaching staff in the Metals area possess the password to unlock them.

  • the Automotive area generally still keeps its student information on hard copy student cards and student attendance sheets and generally only scans copies of the student cards onto the I:Drive at the end of each semester.

Audit Logs

4.128 Audit logs of Banner are kept for actions taken on student accounts, such as where results are entered or student details are amended.

4.129 The Banner administration team conducts a monthly audit of Banner and checks to ensure that staff are not improperly modifying any records (eg of family members).

4.130 The auditors note that there is no audit log kept of the ‘browse’ or ‘read only’ activity on Banner. However, CIT advised that it has considered this in line with its business requirements and determined that it is able to manage the associated risk.

System Integrity

4.131 The Shared Services ICT team conducts testing of Banner to ensure that the system is sufficiently secure.

4.132 In particular, it conducts bi-annual security testing where known vulnerabilities are tested and a subsequent report categorising identified levels of risk is generated. The identified risks are then addressed from the highest priority risks down to lower level risks.

4.133 The Shared Services ICT team advised that while external parties have attempted to gain unauthorised access to CIT’s Banner system in the previous 12 months, no breaches of the system’s security safeguards had occurred to date.

Privacy issues – IT Security

4.134 The default password for students to access the self-service and eLearn systems is the student’s date of birth. While students are advised to change their password on initial access, they are not forced or required to. There is a risk that, as a student’s date of birth and CIT number may be relatively easily known or obtained by a third party, the third party could improperly access that student’s personal information on self-service and eLearn systems.

Recommendations – IT security

4.135 The auditors found that CIT were generally handling the electronic student personal information it possesses in accordance with IPP 4(a) obligations. However, the auditors have identified the following recommendation to address the above IT security privacy risk.

Recommendation 8 – Compulsory password change for student access to their accounts on self-service system and eLearn systems

4.136 The auditors recommend that CIT requires students to compulsorily change their assigned default password (ie date-of-birth) to another password chosen by the student, after students initially log into their student accounts on self-service and eLearn systems.
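
An added example (not part of the audit report and not CIT's code) of the control in Recommendation 8: an account provisioned with the date-of-birth default is held in a "change required" state at login, and the replacement password is rejected if it still contains the date of birth or is a reused password. The `ddmmyyyy` default format, the minimum length of 8, applying the staff rules from 4.115 to students, and all names and the sample CIT number are assumptions.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass, field
from datetime import date

HISTORY_DEPTH = 10      # ten most recent passwords, mirroring the staff rule in 4.115
MIN_LENGTH = 8          # assumed; the report only says "minimum length"
PBKDF2_ROUNDS = 100_000  # constructed value for the example


def _hash(password: str, salt: bytes) -> bytes:
    """Slow salted hash so stored history entries are not reversible."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def default_password(dob: date) -> str:
    """Default described in 4.119; the ddmmyyyy rendering is an assumption."""
    return f"{dob.day:02d}{dob.month:02d}{dob.year:04d}"


def dob_forms(dob: date) -> set[str]:
    """Common digit-only renderings of a date of birth."""
    d, m = f"{dob.day:02d}", f"{dob.month:02d}"
    y, yy = f"{dob.year:04d}", f"{dob.year % 100:02d}"
    return {d + m + y, m + d + y, y + m + d, d + m + yy, m + d + yy, yy + m + d}


@dataclass
class StudentAccount:
    cit_number: str
    dob: date
    salt: bytes = field(default_factory=lambda: os.urandom(16))
    history: list[bytes] = field(default_factory=list)  # newest hash last
    must_change: bool = True  # set at provisioning, cleared only by a valid change

    def __post_init__(self) -> None:
        self.history.append(_hash(default_password(self.dob), self.salt))


def verify(account: StudentAccount, password: str) -> bool:
    return hmac.compare_digest(_hash(password, account.salt), account.history[-1])


def login(account: StudentAccount, password: str) -> str:
    """Return 'denied', 'change_required' (no access to records yet) or 'ok'."""
    if not verify(account, password):
        return "denied"
    return "change_required" if account.must_change else "ok"


def policy_errors(account: StudentAccount, new: str) -> list[str]:
    errors = []
    if len(new) < MIN_LENGTH:
        errors.append("too_short")
    if not (any(c.isalpha() for c in new) and any(c.isdigit() for c in new)):
        errors.append("not_alphanumeric")
    # Drop separators and letters so 01/02/1995 or 1995-02-01 are still caught.
    digits = "".join(c for c in new if c.isdigit())
    if any(form in digits for form in dob_forms(account.dob)):
        errors.append("contains_date_of_birth")
    candidate = _hash(new, account.salt)
    if any(hmac.compare_digest(candidate, old) for old in account.history):
        errors.append("reused")
    return errors


def change_password(account: StudentAccount, current: str, new: str) -> list[str]:
    """Apply the change if allowed; return the list of policy errors (empty on success)."""
    if not verify(account, current):
        return ["bad_current_password"]
    errors = policy_errors(account, new)
    if not errors:
        account.history.append(_hash(new, account.salt))
        del account.history[:-HISTORY_DEPTH]  # keep only the most recent entries
        account.must_change = False
    return errors


if __name__ == "__main__":
    acct = StudentAccount("CIT000000", date(1995, 2, 1))  # constructed sample
    print(login(acct, default_password(acct.dob)))
    print(change_password(acct, "01021995", "01-02-1995"))
    print(change_password(acct, "01021995", "maple7river"))
    print(login(acct, "maple7river"))
```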

Observations - Policies and Procedures

4.137 The auditors observed that CIT has a number of policies and procedures providing guidance to staff about how to handle student personal information in line with the Privacy Act. Examples include the Student Confidentiality Policy and Professional Practice at CIT.

4.138 All of CIT’s policies, procedures and forms are available for staff access on the Staff Information Site (SIS).

4.139 The auditors also found that CIT has strong practices with regard to protecting students’ personal information from unauthorised release to third parties. This is demonstrated by the following:

  • CIT generally does not release a student’s personal information to third parties, such as the student’s parents, without the student’s written consent.

  • When students request their student documentation (such as an unofficial transcript) via phone through the Student Services area, staff are required to verify students’ identities by first obtaining their CIT number, name, date of birth and address. This process is supported by the area’s Documentation for requests received by phone or email form for staff completion, which includes a section that reminds staff about the information the student needs to provide for such phone requests.

4.140 The auditors note that when law enforcement agencies (LEAs) request student information from CIT in person without a subpoena, CIT generally requires them to complete the Provision of Information Protected under the Privacy Act 1988 Form. This form requires the requesting officer to confirm only that the disclosure of the students’ information is required to prevent or lessen a serious and imminent threat to life or health of an individual or is necessary for the enforcement of a relevant law. This form is then kept on the students’ record.

4.141 In order to protect students’ personal information against an unauthorised disclosure in such circumstances, it may be best privacy practice for CIT to itself inquire about the exact reason for the LEAs request to satisfy CIT that the LEA is requesting the information for a relevant purpose (eg the request is related to a student’s missing person status).

4.142 The auditors also note that CIT has recently implemented a new complaints management policy and procedure that will further enable it to address complaints (including privacy complaints) from students.

Observations - Staff training

4.143 CIT has recently implemented an online induction program that all new CIT staff are required to complete. This induction program is provided via eLearn, and requires staff to complete modules at identified times after commencing at CIT (ie in the first week, first month and second month of employment).

4.144 The first week module refers staff to particular CIT policies including:

  • CIT Acceptable use of CIT Information Technology Policy
  • Professional Practice at CIT
  • Student Confidentiality Policy

4.145 The first month module provides staff with information about records management, Banner and CIT’s internal communications strategy such as topical email communications to all staff called ‘MicroBYTES’.

4.146 Each area within CIT also has its own induction for new staff that covers the different aspects of their specific roles. Staff are made aware during these inductions of their obligations to maintain the confidentiality of student information. For example:

  • CIT staff who undergo Banner training are also referred to the Student Confidentiality Policy, ACT Government acceptable use of ICT Resources policy and made aware of their Banner responsibilities, which include only using the student information for purposes in line with the Privacy Act and not sharing their Banner login password.

  • CIT’s Student Support area’s induction process includes making new staff aware of the Student Confidentiality Policy and the Procedures for Information Privacy.

4.147 Staff also learn ‘on the job’. For example, new Student Services shopfront staff will be paired with experienced staff members while learning how to execute their roles.

4.148 The auditors found that some staff from areas within CIT were not able to recall receiving any specific privacy-related training. These staff tended to have been longer term employees of CIT. One of these areas included the RMU, although the auditors note that this area is regulated by the Territory Records Act 2002 (which already has high standards with regard to record keeping).

4.149 The auditors observed that CIT uses all staff email communications called ‘MicroBYTES’ to remind staff about their privacy obligations. For example, CIT staff were emailed ‘MicroBYTES’ on 29 March 2012 and 22 May 2013 which were detailed reminders about ‘Staff Banner Responsibilities’ and staff ‘Obligations in relation to personal information’. The auditors note that it will be beneficial for CIT to continue to use these email communications to remind and train staff about their privacy obligations.

4.150 Overall, the auditors found that CIT areas appeared to have initial or induction training that enables their staff to perform their specific roles in line with the Privacy Act. The new CIT induction training also refers staff to relevant privacy-related CIT policies.

4.151 However, the auditors noted that there did not appear to be any regular, specific and ongoing privacy ‘refresher’ training for staff beyond the induction process, to ensure staff remain fully across their privacy obligations under the Privacy Act.

Privacy issues – staff training

4.152 If CIT staff (especially ongoing staff) are unaware of their specific responsibilities and obligations in relation to the storage and security requirements under the Privacy Act, there is an increased risk that student information may be subject to unauthorised access, use, modification or disclosure.

4.153 The auditors have identified the following recommendation to address this privacy risk.

Recommendation 9 – privacy training

4.154 The auditors recommend that CIT provides regular, specific and ongoing privacy ‘refresher’ training for all CIT staff.

Other identified issues

Observations

4.155 The auditors noted that CIT did not have a designated Privacy Contact Officer (PCO).

4.156 While this is not a specific requirement under the Privacy Act, the OAIC recommends that ACT government agencies have a PCO to act as the first point of contact for advice on privacy matters related to their agency.

4.157 For further information about the role that PCOs can fulfil within CIT please refer to www.oaic.gov.au/privacy/privacy-topics/government/the-role-of-the-privacy-contact-officer-in-australian-government-agencies.

Privacy issue

4.158 Students, staff or members of the public who have queries or complaints around the personal information handling practices of CIT may not be aware, or able to easily locate, the appropriate area within CIT to raise these issues so they may be dealt with efficiently and appropriately.

Recommendation 10 – Privacy Contact Officer

4.159 The auditors recommend that CIT assign responsibility to an appropriate staff member to undertake the role of PCO, and provide appropriate contact details on its website and relevant publications to allow CIT students, staff and members of the public to raise any privacy issues through this officer.

Part 5 — Summary of recommendations

Recommendation 1 – Provide comprehensive privacy notices on all relevant forms

5.1 The auditors recommend that CIT include a clear privacy notice on all forms used to collect student information, which clearly sets out the purpose/s for the collection, any entities to which the information may usually be disclosed and any legal authority or requirement for the collection.

Auditee response

A review of student forms will be conducted by October 2014 identifying those that do not contain a privacy notice. Privacy notices will be added to those forms that do not already have a notice included.

Recommendation 2 – Ensure all privacy notices on forms are reviewed systematically

5.2 The auditors recommend that CIT establishes a process or procedure to regularly review all of the forms used to collect personal information from students, to ensure that all forms continue to meet the requirements of IPP 2.

Auditee response

A review of forms, prior to major enrolment periods (May and October) will be conducted by June 2014 to ensure that all forms meet the requirements of IPP2.

Recommendation 3 – Improve consistency in hard-copy (paper-based) record keeping practices

5.3 The auditors recommend that CIT takes steps to improve staff awareness and understanding of the appropriate paper-based record keeping practices, consistent with the record keeping procedures established by the RMU.

Auditee response

In May and October of each year, CIT will provide staff with relevant information through CIT all staff MicroBytes published each semester. This will be implemented by October 2014.

Recommendation 4 – Undertake a census of all hard-copy (paper-based) student records

5.4 The auditors recommend that CIT undertake a census of all of CIT’s paper-based student records to ensure that these records are appropriately stored and located according to the Recfind6 system. The auditors note that this recommendation may also be addressed as part of CIT’s implementation of the TRIM storage system.

Auditee response

An annual census will be conducted by records management staff of all student records that are registered on RecFind6. This will be implemented by November 2014.

Recommendation 5 – Develop a policy to cover staff transfer of student information off campus

5.5 The auditors recommend that CIT develop and implement a policy to guide staff around the appropriate ways in which they should handle the storage and security of student information if it is transported off campus.

Auditee response

The Records Management Policy and Procedures will be reviewed by October 2014 to appropriately include the procedures for the transfer of student information off-campus. Staff will be advised of the process on a regular basis.

Recommendation 6 – Clearly mark any portable physical electronic assets with information to assist the return of these assets to CIT if lost or stolen

5.6 The auditors recommend that CIT marks all portable physical electronic assets, which may store student information, with details about how to return the assets if they are lost and then found.

Auditee response

In most cases CIT electronic assets, including laptops, iPads and mobile phones, are leased from the ACT Government and are DataDot tracked through CIT ICT and carry an ACT Government sticker in case of theft or loss. By December 2014, CIT will ask all staff in possession of an electronic asset to ensure that appropriate details are clearly marked on the device, so that in the case of any loss, the asset can be returned to its place of origin.

Recommendation 7 – Utilise all available lockable storage

5.7 The auditors recommend that all available lockable storage be utilised by CIT staff to secure student personal information, even when the information is stored inside secured rooms such as teaching college staff rooms.

Auditee response

A reminder of the appropriate and documented practice to ensure information that is stored is securely locked will be included in the MicroByte published in May and October each semester (see Recommendation 3).

Recommendation 8 – Compulsory password change for student access to their accounts on self-service system and eLearn systems

5.8 The auditors recommend that CIT require students to compulsorily change their assigned default password (ie date-of-birth) to another password chosen by the student, after students initially log into their student accounts on self-service and eLearn systems.

Auditee response

The feasibility of implementing a forced password change on first login to student systems will be investigated and an associated risk assessment undertaken by September 2014. If associated risks can be mitigated the change will be implemented by February 2015.

Recommendation 9 – privacy training

5.9 The auditors recommend that CIT provide regular, specific and ongoing privacy ‘refresher’ training for all CIT staff.

Auditee response

Staff privacy training will be provided through the staff induction process and as part of a suite of compliance based training. Delivery of the training will be complete by April 2015 and will comply with ACT Government Policy.

Recommendation 10 – Privacy Contact Officer

5.10 The auditors recommend that CIT assign responsibility to an appropriate staff member to undertake the role of PCO, and provide appropriate contact details on its website and relevant publications to allow CIT students, staff and members of the public to raise any privacy issues through this officer.

Auditee response

CIT has appointed a Privacy Contact Officer and their contact details will be placed on the CIT website and Staff Information Service by June 2014 so that privacy matters can be referred to the Privacy Contact Officer in the first instance.

Appendix A – Documents gathered pre-fieldwork

  • CIT Annual report 2011-12
  • CIT Functional Structure
  • 2004 Privacy Audit Management Action Plan
  • CIT personal information digest
  • Current CIT Policy, Procedures and Guidelines relevant to the audit, including:
    • Assessment Procedures for Assessment Coordinator
    • Assessment Procedures for Teachers
    • Assessment Procedures for Education Managers
    • Banner Security Procedures
    • Bulk Registrations (without students)
    • CIT Library Information Access & Management Guideline
    • Disability Students Policy
    • Educational Delegations Manual (Revised 8 January 2013)
    • eLearn Policy
    • Privacy – Library – Flexible Learning
    • Professional Practice at CIT
    • Records Management Advice
    • Records Management Plan
    • Records Management Policy
    • Records Management Program
    • Records Management Service Charter
    • Records Management Strategic Focus & Proposed Strategies
    • Student Confidentiality Policy
  • Relevant CIT staff training materials:
    • Banner User Manual
    • Banner Basic Training
    • CIT Microbyte reminders dated 29 March 2012, 22 May 2013 and 14 October 2013
    • CIT Induction material on eLearn
    • Library – Skills Checklist
    • Records Management – How well are you managing your records information sheet
    • Effective Records Management power point presentation
  • Relevant ACT Government Policy:
    • Acceptable Use of ICT Resources Policy
    • ICT Security Policy
  • Relevant external CIT forms:
    • Academic Appeal Application Form
    • Application for CIT Student Parking Ticket Form
    • Application Form [pre enrolment]
    • Bulk Enrolment Form
    • CIT Enrolment Form
    • CIT Australian Apprenticeship Registration Form
    • CIT Entry Requirement Evidence Form
    • CIT Request for Access to Facilities (Student Use Only)
    • CIT Student ID Check
    • CIT Student Support – Disability Support Registration Form
    • CIT Student Support – General Case Management Registration
    • CIT Student Support – Migrant Support Registration Form
    • CIT Application for Award
    • CIT Media Consent Form (Adults)
    • CIT Media Consent Form (Minors)
    • Centrelink Client Consent Form
    • DEEWR – VET Registration Form
    • Fee training places for single and teenage parent ACT – CIT and Self-Referral Form
    • Personal Details Variation Form
    • Provision of Information Protected Under the Privacy Act 1988 Form
    • Proxy Enrolment Form
    • Request to Enrol for a third time Form
    • Request for [Unofficial/Official Transcript etc]
    • Request for Update of Result
    • Release of Information Form
    • Skills Recognition Form
    • Under 17 year old ALERT form
    • Workplace Skills Enrolment Form

Appendix B – Documents gathered during fieldwork period

  • CIT Internal Governance Structure
  • Information about using the Point of View (POV) wearable video camera
  • Relevant internal CIT forms:
    • Archiving for Student Services
    • CIT File Request Form
    • Documentation for requests received by phone or email checklist
  • Relevant external CIT forms:
    • Updated CIT Enrolment Form (not published at time of fieldwork)
  • Relevant external CIT Solutions forms:
    • CIT Accommodation Booking Form
    • CIT – Application Form
    • Visa Requirements (satisfactory academic progress)
    • Visa Requirements (satisfactory attendance)
    • Example Letter of Offer
    • Request for Refund
    • Confirmation of Third Party Authorisation
  • Current CIT Policy, Procedures and Guidelines relevant to the audit, including:
    • Complaints Handling System Business Rules Pilot including Complaints Handling System Use of Information Privacy Declaration
    • Complaints Policy – Student and Community
    • CIT Procedures for the Use of Closed Circuit Television (CCTV) Systems
    • CIT Records Management Procedures
    • CIT Resource Handbook for Teachers of Students with a Disability
    • CIT Staff Induction Policy
    • CIT Student Support – Procedures for Information Privacy
    • CIT Student Support – Disability Team Procedures
    • CIT Trade Skills and Vocational Learning College Individual Staff Agreement – Banner Remote Access Project
    • CIT Use of Closed Circuit Television (CCTV) Systems Policy
    • Metal Area Point of View Procedure
    • Procedures for Resolving Workplace Issues
    • Procedures for Resolving Complaints
    • Record Management (Shopfronts) Procedure
    • Resolving Workplace Issues Policy
  • Relevant CIT staff training materials:
    • CIT Banner 8 – Banner Basics Training Workbook
    • ‘Faculty Self Service AVETMISS’ Extract from the CIT Banner 8 Quick Guide
    • Student Records Team staff induction information
    • Student Support Team staff induction information

Appendix C – Documents gathered post-fieldwork

  • Current CIT Policy, Procedures and Guidelines relevant to the audit, including:
    • CIT Cessation of Employment Policy
    • Audit of Staff who Have Modified a Student Record of That of a Family Member checklist
  • Copy of Student Services staff training tracker
  • Engineering Fabrication Section – Occupational Health and Safety Document
  • eLearn Induction Guide
  • General Staff Performance Management Plan & Professional Development Plan
  • Rolls Policy (Record of Attendance and Assessment)
  • Student Services New Starter Checklist

Appendix D – Assessment Matrix 1

CIT enrolment forms

| Student forms | Is IPP 2 notice available? Y/N | Is IPP 2 notice adequate? Includes: Purpose of Collection | Includes: Collection authorised/required by Law | Includes: Usual Disclosures |
|---|---|---|---|---|
| CIT Enrolment Form | Y | Y | Y but could be more explicit | Y |
| CIT Australian Apprenticeship Registration Form | Y | Y | Y but could be more explicit | Y |
| Proxy Enrolment Form | N | Implied | N | N |
| DEEWR – VET Registration Form | Y | Y but could be clearer | Y | Y |
| Workplace Skills Enrolment Form | Y | Y but could be clearer | Y but could be more explicit | N |

CIT student & academic services forms

| Student forms | Is IPP 2 notice available? Y/N | Is IPP 2 notice adequate? Includes: Purpose of Collection | Includes: Collection authorised/required by Law | Includes: Usual Disclosures |
|---|---|---|---|---|
| CIT Application Form | Y | N | N/A | N |
| Centrelink Client Consent Form | Y | Y | N | N/A |
| CIT Application for Award | Y | Y | N/A | Y |
| CIT Entry Requirement Evidence | N | Implied | N/A | N |
| CIT Student ID Check Form | N | Implied | N/A | N |
| CIT Student Support – Disability Support Registration Form | Y | Implied | N/A | Y |
| CIT Student Support – General Case Management Registration Form | Y | Implied | N/A | Y |
| CIT Student Support – Migrant Support Registration Form | Y | Implied | N/A | Y |
| Fee Training Places for Single and Teenage Parent ACT – CIT and Self-Referral Form | Y | Y | Y | Y |
| Personal Details Variation Form | Y | Y | N/A | Y but could be more explicit |
| Release of Information Form | Y | Y | N/A | Y |
| ‘Request for...’ Form | Y | Y | N/A | N |
| Skills Recognition Form | Y | Implied | N/A | Y |
| Under 17 Year Old ALERT Form | N | Implied | N | Y |

CIT automotive & metals form

| Student forms | Is IPP 2 notice available? Y/N | Is IPP 2 notice adequate? Includes: Purpose of Collection | Includes: Collection authorised/required by Law | Includes: Usual Disclosures |
|---|---|---|---|---|
| CIT Media Consent Form (Adults) | N | Implied | N/A | Implied but perhaps too general |

CIT solutions forms

| Student forms | Is IPP 2 notice available? Y/N | Is IPP 2 notice adequate? Includes: Purpose of Collection | Includes: Collection authorised/required by Law | Includes: Usual Disclosures |
|---|---|---|---|---|
| CIT Application Form | Y | Y | Y | Y |
| Letter of Offer | Y | Y | Y | Y |
| Visa Requirements Form (Academic Progress) | Y | Y | Y | Y |
| Visa Requirements Form (Attendance) | Y | Y | Y | Y |
| CIT Accommodation Booking Form | N | Implied | N/A | N |
| Request for Refund Form | N | Implied | N/A | N |
| Confirmation of Third Party Authorisation | N | Implied | N/A | N |

Appendix E – Assessment Matrix 2

CIT forms where purpose of collection is obvious and usual disclosures are unlikely

| Student forms | Is IPP 2 notice available? Y/N | Is IPP 2 notice adequate? Includes: Purpose of Collection | Includes: Collection authorised/required by Law | Includes: Usual Disclosures |
|---|---|---|---|---|
| Application for CIT Student Parking Ticket | N | Implied | N/A | N |
| Academic Appeal Application Form | N | Implied | N/A | N |
| CIT Request for Access to Facilities (Student Use Only) | N | Implied | N/A | N |
| Request to Enrol for a Third Time Form | N | Implied | N/A | N |
| Request for Update of Result | N | Implied | N/A | N |
