That all depends…
It is fairly simple to describe in outline the objectives and components of records management.
- Consistent and adequate records – achieved through templates, process design, staff training and guidance
- Retrievable records – achieved through using business classification schemes, information asset registers, designation of appropriate locations and naming/metadata rules
- Records retained for the appropriate period of time – achieved through retention schedules, effective system functionality and implemented disposal procedures
- Secure records – achieved through access rules, system security and audit trails
- Authenticity and integrity in records – achieved through access/security controls, records “lock” functionality and audit trails
All sounds easy enough, doesn’t it?
But making this effective in a busy, resource-strapped organisation is very difficult. Records management does not have a high priority amongst most colleagues in the organisation. And even where policies are clearly communicated and understood, the impetus for compliance may be low with few apparent consequences for ignoring records management altogether.
What successful records management will look like varies hugely depending on sector, resource and organisational culture. Some organisations may have highly visible RM programmes, the robust functionality of electronic records management systems and strong audit. Others may do just fine with a light touch, sensible controls built-in to business processes and desk instructions, and not even mentioning records management in policies and training.
The important thing is that you have proportionate controls in place to reduce the risks posed by losing or over-retaining records, and give you adequate assurance that your records are fit for purpose – to run the business, keep on the right side of the law and keep your auditors sweet.
So, where to start? Here are a few practical tips from us…
- Pick your battles. You won’t fix every aspect of the organisation’s recordkeeping in a single project. So, prioritise business areas which are highly visible (such as senior management meeting document processes) or present particularly high risks. Use the “good news” stories from your successes there to get buy-in for your next projects.
- Keep it simple. Like any discipline, records management can be as complex as time and resources allow. But our colleagues are unlikely to apply (or perhaps even understand) lengthy policies on metadata or retention. Work with your different business areas to translate your corporate controls and guidance into unambiguous team-specific steps: “In Team Blue, we always use these document templates, name them this way and only save them into these folders.”
- Celebrate the good, learn from the bad. As mentioned above, we can use our successes to encourage improvements in the business. But it is just as important that we collect evidence of how record-keeping failures have cost the organisation – in additional expense, reputational damage, regulatory breaches or day-to-day inefficiency. Often these just fade into the past as staff grumbles or embarrassments to move on from. But if captured and analysed they can form the basis of building a real understanding of information risk, a robust business case for records management improvement projects, and an opportunity for the organisation to learn and grow.
Our records management courses bring real life experience (yours and ours) to bear on the challenges of improving records management, looking at practical tools and approaches to apply in real-life organisations. Through discussion, exercises and case studies, we’ll help you identify concrete improvement steps to implement in your organisation.
No-one can guarantee you a quick fix for records management improvement. But we’re confident you’ll leave our courses with positive ideas to take forward in your organisation
Article by Frank Rankin