Records Management Policy
SOAS, University of London
Records Management Policy
The purpose of the Records Management Policy is to establish a framework for the creation, maintenance, storage, use and disposal of SOAS records, to support continuous improvement in its core activities of teaching and research, to provide evidence of corporate governance, and to facilitate compliance with statutory requirements.
2.1 This policy applies to all SOAS staff. It will also apply to all contractors engaged to work within the School. Excepting where the terms of funding contradict it, this policy will also apply to all records of research carried out by staff of SOAS.
2.2 The policy covers all records created in the course of SOAS business and activities. A record is recorded information, in any form (it may be an electronic file or e-mail, or a paper document), created or received by SOAS or individual members of staff to support and show evidence of the School’s activities. More detailed definitions of a record and other related terms are provided in Annex A.
3 Policy Statement
The records of SOAS are its corporate memory, and are necessary for good corporate governance, to be accountable, to comply with legal requirements, to provide evidence of decisions and actions, and to provide information for future decision-making. All records created in the course of working for SOAS are the property of the School. Managing and using records effectively will ensure that SOAS gains the maximum benefit from them.
SOAS recognises the importance of this essential resource and undertakes to:
3.1 Manage records effectively in line with this policy
3.2 Comply with legal obligations that apply to its records (see Annex B)
3.3 Exercise best practice in the management of records, as outlined in relevant standards (see Annex B)
3.4 Encourage effective access to and use of records as a corporate source of information
3.5 Keep records electronically where appropriate, where possible putting in place provision to ensure their reliability
3.6 Store records efficiently, utilising appropriate storage methods at all points in their lifecycle, and disposing of them appropriately when they are no longer required
3.7 Provide appropriate protection for records from unwanted environmental (fire, flood, infestation) or human impact (alteration, defacement, theft)
3.8 Safeguard records necessary for the continuity and regeneration of SOAS in the event of a disastrous occurrence
3.9 Identify and make provision for the preservation of records of long term and historical value
4 Roles and Responsibilities
4.1 The Information Compliance Manager is responsible for developing corporate records management policy, procedures and guidance
4.2 Directors and Deans are responsible for ensuring that adequate records of their directorate or faculty’s activities are maintained
4.3 Information Compliance Liaison Officers are responsible for communicating records management policy and procedures to their directorates/faculties and reporting on their implementation to the Information Compliance Manager
4.4 All SOAS staff are responsible for documenting their work and keeping records in line with SOAS policies and procedures
4.5 The Director of Library and Information Services is responsible for ensuring that adequate technical provision is in place to support record keeping across the School
4.6 The Director of Estates and Facilities is responsible for providing adequate and appropriate storage and disposal facilities to support record keeping across the School
4.7 Committee Secretaries are responsible for maintaining records of their committees and managing their disposition in line with the instructions provided in the SOAS Retention Schedule
4.8 The Directorate is responsible for the coordination of off-site storage for non-current paper records.
5 Implementation Methods
5.1 A network of Information Compliance Liaison Officers will be established to ensure that records management policies and procedures are communicated and implemented in directorates and faculties
5.2 An inventory of SOAS records will be carried out to identify records that are created, received and stored by, or on behalf of, SOAS
5.3 A retention schedule outlining SOAS policy for retention and disposal of records will be produced and implemented
5.4 Guidance and facilities for the appropriate disposal of records will be provided.
5.5 Directorates/Faculties/Teams will ensure that their records are adequately controlled, through such methods as registration of files and use of actively managed shared areas on networks
5.6 Records management guidance will be made available to SOAS staff, including guidance on such matters as security and access to records, document naming and version control, and appropriate storage at different stages of the records lifecycle
5.7 Staff will receive training in records management appropriate to their role
5.8 Records and information management risks will be identified in the School’s Risk Register if appropriate
5.9 Vital records will be identified and steps taken to ensure their survival in the event of a disastrous occurrence
5.10 A strategy for the selection, preservation and use of records as a historical resource will be developed and implemented in time for the SOAS centenary in 2016
5.11 Records management issues will be considered when planning or implementing new systems (electronic or otherwise) and during re-structuring or major changes to the School.
6 Monitoring of Policy
6.1 Progress in implementing this policy will be reported to the Information and Internal Communications Committee every term.
6.2 Audits of records management will be carried out every two years to review progress.
7 Policy Review
The Records Management Policy will normally be reviewed every two years to ensure that it continues to fulfil the needs of SOAS.
SOAS Records Management Policy, Annex A: Definitions
What is a record?
A record is recorded information, in any form, created or received by SOAS or individual members of staff to support and show evidence of SOAS activities. It is important to differentiate between a record and a document. All records are documents, but not all documents are records. In effect, a document becomes a record when it forms part of a business activity.
An example of a document would be a blank form. If somebody completes and submits the form, it becomes a record, because it has participated in a business activity. Some documents will never (and should never) become records, due to their ephemeral nature. Examples include promotional literature received (unless it is relevant to a particular project or initiative ongoing or planned), junk mail (e-mail or otherwise) and other items of no more than passing significance.
Records need to be authentic, reliable, have integrity (be complete or unaltered, except under controlled conditions) and be useable. Records therefore need to be subject to controls that ensure these features are maintained.
What is records management?
The international standard on records management describes it as:
“[The] Field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and [disposal] of records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records” BS ISO 15489-1 Information and documentation – Records Management
Effectively, it is about applying the necessary controls to SOAS records to ensure authenticity, reliability, integrity and usability.
The records lifecycle
This is a model used by records managers to describe the stages through which a record progresses during its existence. It is helpful for planning records management activities, so that records can be maintained and stored efficiently.
Records are placed within files classed as ‘current’ until they are closed. Files then progress through a ‘semi-current’ phase, when staff may still access them regularly, but will not add any records. Often another phase, ‘non-current’, follows where a file needs to be retained, perhaps for legal reasons, but is rarely referenced. Once a file is no longer needed, it can be disposed of, either by transfer to a Record Office if it is likely to be of historical significance, or by destruction.
The retention schedule
This is a policy statement setting out what records SOAS holds and how long they will be retained before disposal. It can also be used to set out what needs to happen to records at different stages of their lifecycle to ensure that they are stored efficiently.
What are vital records?
These are records without which SOAS could not function or be reconstructed in the event of a disaster.
SOAS Records Management Policy, Annex B: Legislation and Standards relevant to Records Management
Many pieces of legislation, regulations and standards include requirements for record keeping. The following are the most relevant to the SOAS Records Management Policy.
Legislation and regulations
Data Protection Act 1998
Environmental Information Regulations 2004
Freedom of Information Act 2000
Standards and Codes of Practice
BS ISO 15489-1, Information and documentation – Records management – Part 1: General
BS ISO/IEC 27001: 2005, Information technology. Security techniques. Information security management systems. Requirements
BS ISO/IEC 27002: 2005, Information technology. Security techniques. Information security management systems. Code of Practice
BS 10008 Evidential weight and legal admissibility of electronic information - Specification
BS 8470:2006, Secure destruction of confidential material. Code of practice
BS 4783, Storage, transportation and maintenance of media for use in data processing and information storage
The Lord Chancellor's Code of Practice on the Management of Records Issued under section 46 of the Freedom of Information Act 2000
JISC Guidance on Records Management
Related SOAS strategies and policies