By Tina Teree Baker on Thursday, June, 12th, 2014 in Blog Posts,Blog: Records & Information Management (RIM). 1 Comment

When an organization is building a records and information management (RIM) program, or revising its policy and procedures as part of the regular program review process, the question arises of how they should approach the process. They need to start with a records management policy template.

Start to develop a records management policy template

In some cases, there is little or no choice. Federal agencies, for example, must adhere to relevant passages of the Code of Federal Regulations, like 36 CFR 1220.10(b) which states that “federal agencies are responsible for establishing and maintaining a records management program that complies with NARA and GSA regulations and guidance” and 36 CFR 1220.34(c), which states that agencies must “issue a directive(s) establishing program objectives, responsibilities, and authorities for the creation, maintenance, and disposition of agency records.” Each federal agency must have a records management policy (directive) written to conform to these regulations.

But if you don’t have such hard and fast rules to follow, what should your target look like? You could craft a policy using an international standard such as ISO 15489-1: 2001, Information and documentation – Records management – Part 1: General as guidance. The standard, in part, provides guidance on determining the responsibilities of organizations for records and records policies, procedures, systems and processes. Newer, and possibly better, form guidance is ARMA International’s Generally Acceptable Recordkeeping Principles® Information Governance Maturity Model. The advantage of using this model is that for each of the eight Principles (Accountability, Transparency, Integrity, Protection, Compliance, Availability, Retention, and Disposition), there are five levels of maturity identified:

• Level 1 (Sub-standard)

• Level 2 (In Development)

• Level 3 (Essential)

• Level 4 (Proactive)

• Level 5 (Transformational)

This model not only allows an organization to assess its program’s maturity, but it gives the organization the ability to use the various maturity levels in the eight principle areas to craft a policy to which the organization can conform. As a program aspires to improve, the policy can be amended to reflect a higher level of maturity.

Why is this important? Time after time, counsel will advise their organization, or client organizations, that it is poor form to create a policy, even a wonderfully written one that would reflect a transformational program, if the organization cannot conform to it. If you do this, you may be setting an organization up for failure should the program be audited. A strong model for records management is no substitute for knowing what your business can handle, but it is a good place to start.