National Records of Scotland

Preserving the past, Recording the present, Informing the future

Model Records Management Plan

Model Records Management Plan

The Model Records Management Plan appears below. You can download a copy in a single Rich Text Format file [Rich Text Format, 670KB] or as single PDF file [Acrobat Reader, 91KB].

Model Records Management Plan

To assist Scottish Public Authorities to comply with the Public Records (Scotland) Act 2011.

The Keeper of the Records of Scotland (the Keeper) is statutorily obliged under the terms of the Public Records (Scotland) Act 2011 (the Act) to publish a Model Records Management Plan (model plan) to assist authorities when preparing their own records management plan (RMP) for submission to the Keeper for agreement as required under the Act.

Section 1 of the Act says:

1 Records management plans:

(1) Every authority to which this Part applies must-

  • (a) prepare a plan (a "records management plan") setting out proper arrangements for
    the management of the authority's public records,
  • (b) submit the plan to the Keeper for agreement, and
  • (c) ensure that its public records are managed in accordance with the plan as agreed
    with the Keeper.

(2) An authority's records management plan must -

  • (a) identify -
    (i) the individual who is responsible for management of the authority's public records, and
    (ii) (if different) the individual who is responsible for ensuring compliance with the plan, and
  • (b) include, in particular, provision about-
    (i) the procedures to be followed in managing the authority's public records,
    (ii) maintaining the security of information contained in the authority's public records, and
    (iii) the archiving and destruction or other disposal of the authority's public records.

Read more information regarding the Act.

For statutory requirements placed on the Keeper, including the preparation of the model plan, read the Act on the Scottish Parliament website.

Introduction

Under the Public Records (Scotland) Act 2011 (“the Act”) Scottish public authorities must produce and submit a records management plan (“RMP”) setting out proper arrangements for the management of an authority’s public records to the Keeper of the Records of Scotland (“the Keeper”) for his agreement under section 1 of the Act. To assist authorities in this process, the Keeper must publish a model RMP (“Model Plan”) that has been produced in consultation with stakeholders. To this end the Keeper established a Public Records Stakeholder Forum (“the Forum”) [footnote 1] to help develop the model plan.

The Model Plan should be read in conjunction with the Guidance to the Form and Content of the Model Plan (“the Guidance”). The Guidance has been produced to comply with section 1(4) of the Act

The Model Plan suggests 14 elements that the Keeper would expect a Scottish public authority to consider when creating its RMP. It is recognised that all elements will not apply to every authority. However, should an authority consider that an element does not apply, the Keeper will expect to see an explanation in support of the omission of that element from its RMP.

Although the Model Plan is published by the Keeper, its content reflects the combined work of the Keeper and the Forum. The Forum membership had representation from a cross section of public authorities and other bodies who are affected, either directly or indirectly, by the Act.

A glossary of terms used in the Model Plan is included as Appendix A in the Guidance. Reference in this document to an ‘authority’ should be taken to mean an authority listed in the schedule of the Act. Read the schedule to the Act.

This Model Plan assumes as its starting point that there is no records management provision within an authority. However, it is recognised that different authorities will have different levels of provision. The records management practices set out within the Model Plan are essentially matters of good business administration. It is anticipated that many authorities will be able to populate much of their RMP using existing policy documents. The guidance includes links to self-assessment tools designed to help authorities understand their current records management provision and plan for improvement. A culture of improvement in record keeping is fundamental to the spirit of the Act.

Section 8(3) of the Act states that authorities must have regard to the Model Plan, but it is not compulsory for an authority to copy the format of the Model Plan in developing their RMP. Where an authority has already developed a robust records management system the Keeper would not expect that authority to expend additional resources rewriting it in line with the Model Plan.

The records management practices set out in the Model Plan and supported by the Guidance are essentially a matter of good business administration. Therefore, authorities should already be complying with the bulk of these, including the allocation of adequate resources to support their records management arrangements. Authorities should use the Model Plan and Guidance to assess the effectiveness of their existing records management arrangements. Any deficiencies will need to be addressed including where necessary some reallocation of existing resources. In considering what remedial action will be appropriate, authorities should consult the Model Plan and Guidance and take account of the consequences of failing to comply with the Act.

It is important to note that establishing effective records management arrangements will deliver significant benefits for authorities – for example it will help to:

• Increase efficiency and effectiveness, delivering savings in administration costs
• Improve and develop service delivery
• Achieve business objectives and targets
• Ensure compliance with the Public Records (Scotland) Act 2011 and other legislative requirements, standards and codes of conduct
• Support transparency and open government

The scope of the Model Plan applies to all records irrespective of the technology used to create and store them or the type of information they contain.

Model Records Management Plan

This Model Plan has 14 elements. The Keeper expects each of these elements to be addressed in a RMP submitted by an authority.

The order in which these elements appear is not prescriptive, nor does a RMP have to use the Model Plan numbering sequence. However, an authority’s submitted RMP must refer to these elements to confirm that they are not applicable in a particular case and to provide an explanation of the omission.

The 14 elements are:

  1. Senior management responsibility
  2. Records manager responsibility
  3. Records management policy statement
  4. Business classification
  5. Retention schedules
  6. Destruction arrangements
  7. Archiving and transfer arrangements
  8. Information security
  9. Data protection
  10. Business continuity and vital records
  11. Audit trail
  12. Competency framework for records management staff
  13. Assessment and review
  14. Shared information

Whilst it is not compulsory for authorities to slavishly copy the Model Plan, certain elements of it are required under the Act. If an authority decides against including a non-compulsory element in their own RMP, the Keeper will expect to see an explanation in support of that decision.

Compulsory elements

The Act specifically requires a public authority to include certain elements in its records management plan:

1 Records management plans:

(2) An authority's records management plan must—

(a) identify—
(i) the individual who is responsible for management of the authority’s public records, and
(ii) (if different) the individual who is responsible for ensuring compliance with the plan, and

(b) include, in particular, provision about—
(i) the procedures to be followed in managing the authority's public records,
(ii) maintaining the security of information contained in the authority’s public records, and
(iii) the archiving and destruction or other disposal of the authority’s public records.

It unlikely the Keeper would agree a RMP that does not include elements 1, 2, 3, 6, 7 and 8

Element 1: Senior management responsibility:
Section 1(2)(a)(i) of the Act specifically requires a RMP to identify the individual responsible for the management of the authority's public records.

An authority's RMP must name and provide the job title of the senior manager who accepts overall responsibility for the RMP that has been submitted.

It is vital that the RMP submitted by an authority has the approval and support of that authority’s senior management team. Where an authority has already appointed a Senior Information Risk Owner, or similar person, they should consider making that person responsible for the records management programme. It is essential that the authority identifies and seeks the agreement of a senior post-holder to take overall responsibility for records management. That person is unlikely to have a day-to-day role in implementing the RMP, although they are not prohibited from doing so.

As evidence, the RMP could include, for example, a covering letter signed by the senior post-holder. In this letter the responsible person named should indicate that they endorse the authority's record management policy (See Element 3).

Read further explanation and guidance about element 1.

Element 2: Records manager responsibility:
Identify individual within the authority, answerable to senior management, to have day-to-day operational responsibility for records management within the authority [footnote 2].

Section 1(2)(a)(ii) of the Act specifically requires a RMP to identify the individual responsible for ensuring the authority complies with its plan.

An authority's RMP must name and provide the job title of the person responsible for the day-to-day operation of activities described in the elements in the authority's RMP. This person should be the Keeper's initial point of contact for records management issues.

It is essential that an individual has overall day-to-day responsibility for the implementation of an authority's RMP. There may already be a designated person who carries out this role. If not, the authority will need to make an appointment. As with element 1 above, the RMP must name an individual rather than simply a job title.

It should be noted that staff changes will not invalidate any submitted plan provided that all records management responsibilities are transferred to the incoming post holder and relevant training is undertaken.

This individual might not work directly for the scheduled authority. It is possible that an authority may contract out their records management service. If this is the case an authority may not be in a position to provide the name of those responsible for the day-to-day operation of this element. The authority must give details of the arrangements in place and name the body appointed to carry out the records management function on its behalf.

It may be the case that an authority's records management programme has been developed by a third party. It is the person operating the programme on a day-to-day basis whose name should be submitted.

Read further explanation and guidance about element 2.

Element 3: Records management policy statement:
A records management policy statement underpins effective management of an authority's records and information. It demonstrates to employees and stakeholders that managing records is important to the authority and serves as a mandate for the activities of the records manager.

The Keeper expects each authority's plan to include a records management policy statement. The policy statement should describe how the authority creates and manages authentic, reliable and useable records, capable of supporting business functions and activities for as long as they are required. The policy statement should be made available to all staff, at all levels in the authority.

The statement will properly reflect the business functions of the public authority. The Keeper will expect authorities with a wide range of functions operating in a complex legislative environment to develop a fuller statement than a smaller authority.

The records management statement should define the legislative, regulatory and best practice framework, within which the authority operates and give an overview of the records management processes and systems within the authority and describe how these support the authority in carrying out its business effectively. For electronic records the statement should describe how metadata is created and maintained. It should be clear that the authority understands what is required to operate an effective records management system which embraces records in all formats.

The statement should demonstrate how the authority aims to ensure that its records remain accessible, authentic, reliable and useable through any organisational or system change. This would include guidelines for converting or migrating electronic records from one system to another.

The records management statement should include a description of the mechanism for records management issues being disseminated through the authority and confirmation that regular reporting on these issues is made to the main governance bodies.

The statement should have senior management approval and evidence, such as a minute of the management board recording its approval, submitted to the Keeper.

The other elements in the RMP, listed below, will help provide the Keeper with evidence that the authority is fulfilling its policy.

Read further explanation and guidance about element 3.

Element 4: Business classification
A business classification scheme describes what business activities the authority undertakes – whether alone or in partnership.

The Keeper expects an authority to have properly considered business classification mechanisms and its RMP should therefore reflect the functions of the authority by means of a business classification scheme or similar.

A business classification scheme usually takes the form of a hierarchical model or structure diagram. It records, at a given point in time, the informational assets the business creates and maintains, and in which function or service area they are held. As authorities change the scheme should be regularly reviewed and updated.

A business classification scheme allows an authority to map its functions and provides a structure for operating a disposal schedule effectively.

Some authorities will have completed this exercise already, but others may not. Creating the first business classification scheme can be a time-consuming process, particularly if an authority is complex, as it involves an information audit to be undertaken. It will necessarily involve the cooperation and collaboration of several colleagues and management within the authority, but without it the authority cannot show that it has a full understanding or effective control of the information it keeps.

Although each authority is managed uniquely there is an opportunity for colleagues, particularly within the same sector, to share knowledge and experience to prevent duplication of effort.

All of the records an authority creates should be managed within a single business classification scheme, even if it is using more than one record system to manage its records.

An authority will need to demonstrate that its business classification scheme can be applied to the record systems which it operates.

Read further explanation and guidance about element 4.

Element 5: Retention schedules
A retention schedule is a list of records for which pre-determined disposal dates have been established.

Section 1(2)(b)(iii) of the Act specifically requires a RMP to include provision about the archiving and destruction or other disposal of the authority’s public records.

An authority’s RMP must demonstrate the existence of and adherence to corporate records retention procedures. The procedures should incorporate retention schedules and should detail the procedures that the authority follows to ensure records are routinely assigned disposal dates, that they are subsequently destroyed by a secure mechanism (see element 6) at the appropriate time, or preserved permanently by transfer to an approved repository or digital preservation programme (see element 7).

The principal reasons for creating retention schedules are:

• to ensure records are kept for as long as they are needed and then disposed of appropriately
• to ensure all legitimate considerations and future uses are considered in reaching the final decision.
• to provide clarity as to which records are still held by an authority and which have been deliberately destroyed.

"Disposal" in this context does not necessarily mean destruction. It includes any action taken at the agreed disposal or review date including migration to another format and transfer to a permanent archive.

A retention schedule is an important tool for proper records management. Authorities who do not yet have a full retention schedule in place should show evidence that the importance of such a schedule is acknowledged by the senior person responsible for records management in an authority (see element 1). This might be done as part of the policy document (element 3). It should also be made clear that the authority has a retention schedule in development.

An authority's RMP must demonstrate the principle that retention rules are consistently applied across all of an authority's record systems.

Read further explanation and guidance about element 5.

Element 6: Destruction arrangements
It is not always cost-effective or practical for an authority to securely destroy records in-house. Many authorities engage a contractor to destroy records and ensure the process is supervised and documented.

Section 1(2)(b)(iii) of the Act specifically requires a RMP to include provision about the archiving and destruction, or other disposal, of an authority's public records.

An authority's RMP must demonstrate that proper destruction arrangements are in place.

A retention schedule, on its own, will not be considered adequate proof of disposal for the Keeper to agree a RMP. It must be linked with details of an authority's destruction arrangements. These should demonstrate security precautions appropriate to the sensitivity of the records. Disposal arrangements must also ensure that all copies of a record - wherever stored - are identified and destroyed.

Read further explanation and guidance about element 6.

Element 7: Archiving and transfer arrangements
This is the mechanism by which an authority transfers records of enduring value to an appropriate archive repository, specifying the timing of transfers and other terms and conditions.

Section 1(2)(b)(iii) of the Act specifically requires a RMP to make provision about the archiving and destruction, or other disposal, of an authority's public records.

An authority's RMP must detail its archiving and transfer arrangements and ensure that records of enduring value are deposited in an appropriate archive repository. The RMP will detail how custody of the records will transfer from the operational side of the authority to either an in-house archive, if that facility exists, or another suitable repository, which must be named. The person responsible for the archive should also be cited.

Some records continue to have value beyond their active business use and may be selected for permanent preservation. The authority's RMP must show that it has a mechanism in place for dealing with records identified as being suitable for permanent preservation. This mechanism will be informed by the authority's retention schedule which should identify records of enduring corporate and legal value. An authority should also consider how records of historical, cultural and research value will be identified if this has not already been done in the retention schedule. The format/media in which they are to be permanently maintained should be noted as this will determine the appropriate management regime.

Read further explanation and guidance about element 7.

Element 8: Information security
Information security is the process by which an authority protects its records and ensures they remain available. It is the means by which an authority guards against unauthorised access and provides for the integrity of the records. Robust information security measures are an acknowledgement that records represent a risk as well as an asset. A public authority should have procedures in place to assess and contain that risk.

Section 1(2)(b)(ii) of the Act specifically requires a RMP to make provision about the archiving and destruction or other disposal of the authority's public records.

An authority's RMP must make provision for the proper level of security for its public records.

All public authorities produce records that are sensitive. An authority's RMP must therefore include evidence that the authority has procedures in place to adequately protect its records. Information security procedures would normally acknowledge data protection and freedom of information obligations as well as any specific legislation or regulatory framework that may apply to the retention and security of records.

The security procedures must put in place adequate controls to prevent unauthorised access, destruction, alteration or removal of records. The procedures will allocate information security responsibilities within the authority to ensure organisational accountability and will also outline the mechanism by which appropriate security classifications are linked to its business classification scheme.

Information security refers to records in all or any format as all are equally vulnerable. It refers to damage from among other things: computer viruses, flood, fire, vermin or mould.

Current or semi-current records do not normally require archival standard storage. Physical records will however survive far better in a controlled environment. In broad terms the environment for current records should not allow large changes in temperature or excess humidity (as increased high temperatures and humidity are more likely to cause mould). If records are not adequately protected then the risk that the records could be damaged and destroyed is potentially higher and could lead to significant reputational and financial cost to the business.

Read further explanation and guidance about element 8.

Element 9: Data protection
An authority that handles personal information about individuals has a number of legal obligations to protect that information under the Data Protection Act 1998.

The Keeper will expect an authority's RMP to indicate compliance with its data protection obligations. This might be a high level statement of public responsibility and fair processing.

If an authority holds and process information about stakeholders, clients, employees or suppliers, it is legally obliged to protect that information. Under the Data Protection Act, an authority must only collect information needed for a specific business purpose, it must keep it secure and ensure it remains relevant and up to date. The authority must also only hold as much information as is needed for business purposes and only for as long as it is needed. The person who is the subject of the information must be afforded access to it on request.

Read further explanation and guidance about element 9.

Element 10: Business continuity and vital records
A business continuity and vital records plan serves as the main resource for the preparation for, response to, and recovery from, an emergency that might affect any number of crucial functions in an authority.

The Keeper will expect an authority's RMP to indicate arrangements in support of records vital to business continuity. Certain records held by authorities are vital to their function. These might include insurance details, current contract information, master personnel files, case files, etc. The RMP will support reasonable procedures for these records to be accessible in the event of an emergency affecting their premises or systems.

Authorities should therefore have appropriate business continuity plans ensuring that the critical business activities referred to in their vital records will be able to continue in the event of a disaster. How each authority does this is for them to determine in light of their business needs, but the plan should point to it.

Read further explanation and guidance about element 10.

Element 11: Audit trail
An audit trail is a sequence of steps documenting the movement and/or editing of a record resulting from activities by individuals, systems or other entities.

The Keeper will expect an authority's RMP to provide evidence that the authority maintains a complete and accurate representation of all changes that occur in relation to a particular record. For the purpose of this plan 'changes' can be taken to include movement of a record even if the information content is unaffected. Audit trail information must be kept for at least as long as the record to which it relates.

This audit trail can be held separately from or as an integral part of the record. It may be generated automatically, or it may be created manually.

Read further explanation and guidance about element 11.

Element 12: Competency framework for records management staff
A competency framework lists the core competencies and the key knowledge and skills required by a records manager. It can be used as a basis for developing job specifications, identifying training needs, and assessing performance.

The Keeper will expect an authority's RMP to detail a competency framework for person(s) designated as responsible for the day-to-day operation of activities described in the elements in the authority's RMP. It is important that authorities understand that records management is best implemented by a person or persons possessing the relevant skills.

A competency framework outlining what the authority considers are the vital skills and experiences needed to carry out the task is an important part of any records management system. If the authority appoints an existing non-records professional member of staff to undertake this task, the framework will provide the beginnings of a training programme for that person.

The individual carrying out day-to-day records management for an authority might not work for that authority directly. It is possible that the records management function is undertaken by a separate legal entity set up to provide functions on behalf of the authority, for example an arm's length body or a contractor. Under these circumstances the authority must satisfy itself that the supplier supports and continues to provide a robust records management service to the authority. The authority's RMP must confirm that it is satisfied by the standard of the records management provided by the supplier and name the organisation that has been appointed to carry out records management on the authority's behalf.

Where an authority's records management system has been put in place by a third party, but is operated on a day-to-day basis by a member of staff in the authority, it is the competencies of that member of staff which should be confirmed, not those of the third party supplier of the system.

Read further explanation and guidance about element 12.

Element 13: Assessment and review
Regular self-assessment and review of records management systems will give an authority a clear statement of the extent that its records management practices conform to the Records Management Plan as submitted and agreed by the Keeper.

Section 1(5)(i)(a) of the Act says that an authority must keep its RMP under review.

An authority's RMP must describe the procedures in place to regularly review it in the future.

It is important that an authority';s RMP is regularly reviewed to ensure that it remains fit for purpose. It is therefore vital that a mechanism exists for this to happen automatically as part of an authority's internal records management processes.

A statement to support the authority's commitment to keep its RMP under review must appear in the RMP detailing how it will accomplish this task.

Read further explanation and guidance about element 13.

Element 14: Shared Information
Under certain conditions, information given in confidence may be shared. Most commonly this relates to personal information, but it can also happen with confidential corporate records.

The Keeper will expect an authority's RMP to reflect its procedures for sharing information. Authorities who share, or are planning to share, information must provide evidence that they have considered the implications of information sharing on good records management.

Information sharing protocols act as high level statements of principles on sharing and associated issues, and provide general guidance to staff on sharing information or disclosing it to another party. It may therefore be necessary for an authority's RMP to include reference to information sharing protocols that govern how the authority will exchange information with others and make provision for appropriate governance procedures.

Specifically the Keeper will expect assurances that an authority's information sharing procedures are clear about the purpose of record sharing which will normally be based on professional obligations. The Keeper will also expect to see a statement regarding the security of transfer of information, or records, between authorities whatever the format.

Issues critical to the good governance of shared information should be clearly set out among parties at the earliest practical stage of the information sharing process. This governance should address accuracy, retention and ownership. The data sharing element of an authority's RMP should explain review procedures, particularly as a response to new legislation.

Read further explanation and guidance about element 14.


Footnotes:

1. The Forum included representatives from across the public sector and also from relevant professions and other stakeholders. The Forum provided the main mechanism to deliver cross sector agreement on issues relating to the form and content of this Model Plan and the accompanying Guidance Document. Members of the Forum represented the views of their respective sectors, as well as comments on the general principles of good records management. The Guidance Document is drawn from guidance already in existence or in the course of being developed. (back to main text)

2. The Keeper recognises that an authority may appoint more than one responsible person, e.g. where the post is shared. All those with records management responsibilities for the authority as part of their formal job description must be named in the RMP.