For the records managers

what do we mean by 'compliance'?

Castlepoint complies with all policies endorsed by the National Archives of Australia, including AS ISO 15489 and the global standard ISO16175.  In addition to records policy, Castlepoint is built to comply with other required Acts, Regulations, policy instruments and standards, including security and privacy requirements across jurisdictions.

The regulatory environment is growing, with more and more audits, Freedom of Information and legal discovery requests, security and privacy laws, and Royal Commissions each year. Information needs to be managed whole-of-life, so that their risk and value is always known and controlled, in accordance with these obligations.  Most third party compliance tools use a ‘recordization’ model, only archiving the record at the end of its life.  Castlepoint allows compliant records management, in the source systems, from the moment of capture — with constant review and update of the sentence every time record changes.

The Artificial Intelligence capability is fully transparent, so you can see how each record sentence was determined, and can tune the retention as required. Castlepoint operates 24×7, constantly sentencing and re-sentencing millions of records in an accountable way, freeing up your records management staff to do more value-added and strategic work. And it is true AI – not a complex rules engine requiring a lot of effort to set up and maintain. 

Castlepoint also provides comprehensive security management, tracking and reporting on all actions on classified, sensitive, high risk and topical records. 


The NAA and other agencies identify 947 requirements for records management in Australian government, beyond the Archives Act. We also need to automatically apply freezes and holds, and obligations from other Regulations.


Multiple instruments apply in government and regulated industry for information and systems security governance and control. You need to know where your high-risk information is, and what is happening to it, in real time.


Privacy law, principles on private and open public sector information, and Freedom of Information instruments govern how content is managed. We need to be able to discover content across all systems to respond to discovery requests rapidly.


Government and industry are beholden to many standards and recommendations for information systems architecture, design and management. Systems need to be secure, interoperable, and apply automation ethically and appropriately.

Records managers and security teams often deal with pushback from the business or ICT areas when they try to make the organisation more compliant. Castlepoint supports full compliance, without any detrimental effects on the user base or the technology platform, giving you a stronger business case to progress.

Scroll to Top