The principles of records management are intended to ensure that an organisations critical business information is available those allowed to use / view it, when and where they need to access it, in a logically well structured, organised and efficient way, securely stored in a well-maintained and administered environment.
Records are created or received and used when conducting organisational business activities. To support the continuing conduct of business, customer and client care, act in accordance with the regulatory requirements, as well as providing necessary accountability, organisations have to create maintain and preserve authentic, reliable and usable records, and protect the integrity of those records for as long as their retention schedule requires. To do this, organisations should institute and carry out a comprehensive records management programme.
Organisations are required to make sure that their records:
… are created and stored and, are able to prove beyond doubt that the record is ‘what it claims to be’ and identifies the individual who created it, by maintaining a record of its management through time. If information is subsequently modified to an existing document within a record, these modifications of information must be tracked, signed and dated. Changes and additions to electronic records have got to be identifiable through strict logging audit trails.
… have to accurately reflect the transactions they document.
… must be readily available as and when required.
… must be adequate in content, context and structure to recreate the pertinent activities and transactions they document.
… must document the entire range of the organisation’s business.
… must act in accordance with any record keeping requirements from legislation, audit rules and other applicable regulations.
… should be maintained for the specific purposes for which it was gathered, and the information contained must meet those purposes.
… have got to be securely stored and maintained preventing unauthorised access, modification, damage or removal. They have to be stored in an administered, secure environment, the degree of security relevant to the sensitivity and significance of the content. If records are migrated across changes in technology, the evidence preserved must retain and demonstrate authenticity and accuracy.
Records created by organisations are extremely valuable assets because of the business critical data they contain. The information held within these records is only useful if it is quickly and easily accessible and usable maintained correctly and legibly recorded in the first instance and is then kept up to date, and monitored in accordance with their retention and disposal schedule.