Records management is an important part of an organisation’s information management strategy. A well-executed policy will help to communicate responsibilities and expectations and foster a culture that recognises the value of recordkeeping practices. We touch on why a policy is valuable and elements of records management policy to consider when developing your own, along with PDF samples and online examples.

Why a Records Management Policy Is Important

Every organisation has recordkeeping responsibilities. Across all sectors in Australia, businesses are legally required to maintain certain records for a minimum length of time – for example tax, employment and financial records. In the public sector, these responsibilities extend farther. As organisations grow, these requirements can get lost in day-to-day operations, and many have found that implementing a policy helps to keep compliance on track.

A records management policy has many benefits, which the Tasmanian Archive & Heritage Office articulate well along with some helpful hints for policy development. In summary, a policy provides the foundation for effective recordkeeping within an organisation and demonstrates to employees and stakeholders its importance. The policy will help to communicate expectations, procedures and responsibilities that underpin the records management program, and serve as a mandate for recordkeeping activities.

Considerations When Developing Your Policy

When developing a records management policy, approach the project in a methodical manner. Develop a project plan and gain executive support, as important projects that do not have the direct support of leadership are often ignored. Consult staff and key stakeholders as they will have useful operational insight. Imposing a policy from above without consultation of those who will use and execute it carries a much higher risk of failure. Research and understand current practices, organisational attitudes and applicable regulatory requirements. Lastly, consider existing policies, such as those found in this article, to assist in the development of your recordkeeping policy.

An effective policy is thorough but concise, making it easy to understand the organisation’s position on records management, and what is expected of its staff. The following elements of records management policy are commonly found in Australia and should be considered as a starting point for your policy’s development.

Element 1: Purpose and Authority of the Policy

Start by articulating the purpose and authority of the policy. Consider the intentions and explain why a records management policy is important. Outline who has authorised the policy to lend credibility to it – executive sponsorship is key to any program’s success.

Consider the following Australian examples;

• The NSW State Archives & Records Authority policy clearly communicates the intent of the policy, what it will enable the agency to accomplish, who has authorised it and the party who owns the overall policy
• Australian Catholic University’s Records and Archive Management Policy thoroughly articulates the purpose of their program and does an excellent job of communicating why it’s a crucial part of their operations. Authority is somewhat covered off in section five, however it could be better communicated in its own section or at the beginning of the policy
• Ombudsman Western Australia’s Records Management Policy ticks these boxes efficiently with sections that outline a policy statement and application of policy, with authorisation stated at the end of the document

Element 2: Policy Scope

A records management policy must also establish its scope. State who it applies to, and the responsibilities those parties have in order to uphold the policy and records management program. Consider whether it applies to all organisational staff, or whether certain parties have varying responsibilities. Describe what the policy covers and what is considered a record. Should every business interaction be recorded, in all formats; physical, electronic and social media?

Real world policy examples include;

• La Trobe University’s Records and Archives Management Policy which provides a simple and well-articulated scope
• The Department of Prime Minister and Cabinet’s Records Management Policy (page 18) which clearly sets out the types of records governed by the policy and those that aren’t “by employees in the performance of their duties”
• Tasmania’s Integrity Commission comprehensively conveys the scope of their Records Management Policy here, by differentiating between records and information, explaining what formats are included and who the policy applies to

Element 3: Goals and Objectives

Setting and communicating goals and objectives is an essential element of a records management policy, and plays a key role in defining how the other elements interrelate. Conversely, if the policy’s goals are not well thought out, are vague, or seem irrelevant, it could undermine confidence in the program.

Several local policies we came across the hit the nail on the head in this regard;

• Queensland Government Chief Information Office’s Records Governance Policy which sets out a succinct bullet point list of policy objectives
• The NSW State Archives and Records Authority does an excellent job in defining their goals in section 3.1 of their policy
• Lake Macquarie City Council state their objectives upfront at the start of their policy, listing numerous organisational goals

Element 4: Rationale of Records Management

The rationale sets out the motivation and justification for the policy. This portion of the document overlaps somewhat with the purpose and therefore is often rolled into one section. This is an ideal area to list applicable standards and legislation that influence the policy and practices laid out.

• Canterbury City Council efficiently communicate the rationale of their policy as part of the purpose
• Tasmania’s Integrity Commission once again makes the list by thoroughly laying out the rationale in four parts in section four, along with key standards and legislation applicable to the Commission
• Oakleigh Grammar uses purpose and rationale interchangeably in the first section of their Records and Archives Management Policy

Element 5: Definition of Terms

Each organisational culture has its own lexicon. Whether the jargon relates to a certain field or internal methods, explaining definitions represent a critical part of records management policy. Afterall, if the reader cannot understand the policy’s terminology, it won’t be very effective.

Almost every policy we explored had a section dedicated to definitions, a few excellent examples include;

• Federation University Australia’s Records Management Policy which explains 18 terms, including the definition of a record
• The University of Tasmania, defines a number of key terms, one of which is ‘business activity’, which covers a broad range of activities, including all transactions between the organisation and its employees. This term could easily be interpreted differently if its definition wasn’t explained
• Sydney Opera House communicates their policy’s definitions in an appendix of terms
• The Northern Territory Government’s Department of Corporate and Information Services explains not only key definitions, but commonly used acronyms as well

Element 6: Policy Requirements or Procedures

Specifically defining policy requirements and procedures can make or break a records management policy. If too vaguely written, the document will offer little guidance to its readers and inevitably lead to non-compliance and an ineffectual policy. On the other hand, if a policy is too stringent or intimidatingly long, staff may find it difficult to understand what their responsibilities are and how to execute them in the course of business. Finding a balance between the two extremes is crucial.

Effective records management policies will include the following;

• Guidance on the creation and capture of records – both digital and physical
• Identification and instructions on how to use the organisation’s records management system
• Classification, taxonomy and naming conventions
• Definition of what metadata is to be captured in association with records
• How version control will be recorded for a compliant audit trail
• Protocols related to staff access and data security
• Tracking movement and transfer of records, including what can be moved where, when, and for what purpose
• Plans for auditing of stored information
• Awareness of which social media records should be captured and how
• The organisation’s position on digitisation of records and how originals should be handled
• Responsibilities for retention and disposal and how to execute an authorised destruction of records.
• A plan for disaster recovery of records, as well as protocols for how to operate until the recovery takes place
• Guidelines for tracking government regulatory changes
• Strategies to ensure adequate training on an ongoing basis
• How machinery of government (MoG) changes will be handled

This area of policy is often short and concise or long and detailed, therefore we’ve included various examples;

• The Department of Foreign Affairs and Trade discusses digitisation of records and their digital transition policy, where and how records are to be kept in section nine, access to and security of records, as well as disposal, deletion and destruction of records
• The University of Technology in Sydney and CQ University take a moderate approach to detailing requirements
• Eurobodalla Shire Council’s policy is quite thorough, including the records management system in use, creation, capture, identification, locations, registration, control, classification, security, use, access, storage, disposition and disaster recover for digital and physical records

It’s worth noting that some organisations choose to list procedures in an appendix or linked procedural documentation, as this section can be lengthy.

Element 7: Records Management Responsibilities

Assigning responsibilities according to organisational role will help to establish ownership and accountability, and will help negate employees from thinking, “this doesn’t apply to me” by aligning expectations with job title. Consider defining responsibilities for the following;

• Director, Office of the Secretary (or relevant title)
• Department heads and managers
• Senior advisor or manager in the Records Management department
• Human resources
• IT department
• Departmental employees

A few Australian examples to consider for the development of your policy include;

• NSW Mental Health Commission has taken a holistic approach to outlining roles and responsibilities in section 16 of their Records Management Policy, by listing seven divisions of staff and their corresponding duties
• The ACT Government’s Education Department provides another solid example of how to clearly establish responsibilities by role, listing out five key areas of their business
• The Town of Cottesloe in WA gets an honorable mention with their thorough but concise list in section 4.2 of their policy

Development of Your Organisation’s Policy

Records management represents one of the most complicated and increasingly vital tasks that an organisation faces. Every organisation needs to stay ahead of both the regulatory and technology curve to keep records management as efficient as possible. Considering these elements of records management policy and the included examples will help to jumpstart your efforts. If feel your organisation would benefit from some professional advice in the development of your records and information management policy or its supporting framework, please reach out to our team of consultants.