The Keeper of the Records of Scotland (the Keeper) is required, under section 1.4 of the Act, to issue guidance to ‘the form and content’ of the Model Records Management Plan.
Section 9 of the Act permits the Keeper to offer guidance beyond the form and content of the Model Plan. The Keeper considers that, further to fulfilling a statutory requirement, this Guidance Document should provide links to other guidance on records management. It is hoped that this will encourage best practice generally and to further a culture of improvement in Scottish public sector records management.
General Records Management Guidance
National Records of Scotland
The National Records of Scotland offer guidance and advice for organisations considering implementing or expanding a records management programme.
Link to NRS web archive.
Scottish Ministers’ Code of Practice on records management by Scottish public authorities under the Freedom of Information (Scotland) Act 2002 - ‘Section 61’ - Records Management Code of Practice
Many of the authorities scheduled under the Public Records (Scotland) Act 2011 will also have been scheduled under the Freedom of Information (Scotland) Act 2002 (FOI(S)A). The records management code, issued to set out practices authorities should follow to comply with FOI(S)A, was prepared in consultation with the Scottish Information Commissioner and the Keeper of the Records of Scotland. The updated version of the code was officially launched in December 2011 and, although the two pieces of primary legislation are entirely separate, the FOI(S)A code and the PR(S)A guidance are complementary.
Link: https://www.gov.scot/publications/code-of-practice-on-records-management/
Model Action Plan
The Keeper of the Records of Scotland has produced a generic Model Action Plan to assist Scottish public authorities in the development of records management arrangements which comply with the Freedom of Information (Scotland) Act 2002 section 61 Code of Practice on Records Management. The generic Model Action Plan should be read in conjunction with the section 61 code. It can be used by individual organisations as a guide, and can also be used as the basis for the development of sector-specific plans tailored to the needs and business practices of particular types of public authority.
Link to model action plan.
ISO ISO 15489-1:2016 Records Management
ISO 15489-1 (last reviewed in 2021) provides guidance on managing records in organisations, public or private, for internal and external clients. However, unlike other guidance offered here, the ISO document is not free. The link is to the ‘shop’ where it can be purchased. Appendix 2 of this Guidance Document lists other formal standards that refer to records management.
Link: https://www.iso.org/standard/62542.html
Office of the Scottish Information Commissioner (OSIC)
Although it is clearly designed for OSIC staff, their Information and Records Management Handbook offers best practice guidance generally and is a high-quality example of how staff guidance might be arranged.
Link: https://www.itspublicknowledge.info/sites/default/files/2022-04/InformationandRecordsManagementHandbook.pdf
University of Edinburgh
Also principally designed for use by their own staff, a large suite of guidance is freely available on the Edinburgh University website and features information that could, with a little adaptation, be of benefit for all organisations instigating a records management programme. For example, guidance on how to set up records management systems are available to download.
Link: https://www.ed.ac.uk/records-management
The UK Information Commissioner
To assist with data protection compliance, the Information Commissioner’s Office has developed several records management guidance documents. Although focused on the secure handling of personal information, many of the principles are ‘content-neutral’ and may represent a valuable addition to a records manager’s guidance suite.
Link: https://ico.org.uk/media/for-organisations/documents/1624142/section-46-code-of-practice-records-management-foia-and-eir.pdf
The National Archives UK (TNA) records management guidance
TNA offers a series of guides and standards for information management professionals including a large section on records management (click on ‘R’ under A-Z for ‘Records Management’ but be aware that other guidance may be of interest such as appraisal under ‘A’).
Link: http://www.nationalarchives.gov.uk/help/a-to-z/
Scottish Public Services Ombudsman (SPSO)
SPSO have taken the opportunity to unify records management guidance into a single published document, The Information Governance Handbook. This document includes the Records Management Plan in section 1 and the Records Management Policy in Section 2. Many of the security principles are also explained in the Handbook, including a section on ‘Managing Personal Data’. As a single point of reference, the Handbook appears to be a useful tool for SPSO staff. It is published on the SPSO website.
Link: http://www.spso.org.uk/sites/spso/files/communications_material/foi/corporate_documents/InformationGovernance(R.2017.04)W.pdf
Information and Records Management Society
IRMS is a membership organisation that is an association for information professionals and students. It provides support and brings together all those working in information governance, records management, data protection, information security and more, across all industry sectors, in the UK and beyond.
Link: https://irms.org.uk
Other Publications
Users of this guidance should be aware that there are several published works on records management which may prove useful when creating a RMP. You may be able to consult copies of these publications in larger libraries.
Self-assessment
Section 1(5)(i)(a) of the Act says that an authority must keep its RMP under review. One of the ways to comply with this requirement is to undertake a regular self-assessment exercise and to provide details of this to the Keeper (see element 13 below).
There are several records management self-assessment tools available that an authority might utilise. The following offers a few examples.
ARMS
The Scottish Council on Archives has developed a self-assessment tool called ARMS (Archives and Records Management Services). The Keeper of the Records of Scotland has endorsed ARMS as being entirely complimentary to their Model Plan and the aims of the Act. The Keeper considers the ARMS self-assessment tool may be instrumental in helping further a culture of good records management in Scotland as it was commissioned in Scotland by Scottish archive and records management professionals and designed specifically to assist Scottish authorities assess their own records management performance,
ARMS is described as ‘A quality improvement framework to improve the consistency and transparency of quality and performance measurement across archives and records management in Scotland’.
Although developed separately from the Public Records Act, ARMS is entirely complementary to the ‘improving’ spirit of that Act, and it is therefore a key piece of guidance in this document.
ARMS is primarily designed to be a flexible self-assessment tool that allows organisations undertaking a records management review to create an improvement plan. This is designed to be a self-development exercise rather than a formal systems audit. However, it is hoped that the project will lead to the identification of positives and negatives in current practice, and allow an organisation to target areas for improvement.
Link: http://www.scottisharchives.org.uk/arms
National Records of Scotland - Records Management Workbook
In 2006 the National Archives of Scotland (now part of the National Records of Scotland) made available a Records Management Workbook to permit organisations or auditors to check their records management procedures against the section 61 Code of Practice (issued under the Freedom of Information (Scotland) Act 2002). This tool can be adapted by public authorities intending to assess their records management provision in light of the Public Records (Scotland) Act 2011.
Link to NRS web archive
The National Archives
The National Archives has developed an automated support tool to help public authorities to evaluate and assess the performance of their records management systems.
Link: http://www.nationalarchives.gov.uk/information-management/manage-information/ima/
The UK Information Commissioner
To assist with data protection compliance, the Information Commissioner’s Office has developed a self-assessment Toolkit. Although focused on the secure handling of personal information, it may represent a useful starting point for an authority considering developing their own assessment process.
Link: https://ico.org.uk/for-organisations/sme-web-hub/checklists/data-protection-self-assessment/
It is worth remembering that many records management principles are relevant wherever in the world an organisation is based. There are several self-assessment toolkits developed for the public sector outside the UK that could be considered:
US
Records Management Self-Assessment (RMSA): https://www.archives.gov/records-mgmt/resources/self-assessment.html
Australia
Information Governance Agency Self-assessment Tools: https://www.ipc.nsw.gov.au/information-governance-agency-self-assessment-tools-privacy
New Zealand
Information Management Maturity Assessment: https://www.archives.govt.nz/manage-information/how-we-regulate/monitoring-and-audit/information-management-maturity-assessment.
See guidance under element 13 for the Keeper’s expectations around reviewing records management provision under the Act.
Please note that any samples provided in this Guidance should not be taken to represent the current procedures operational in the authority that provided the sample; they are for ‘inspiration’ only.
If you encounter difficulties opening linked websites or documents provided or if you have any uncertainties around the application of this guidance, or any other queries regarding compliance with the Act, please contact the Public Records (Scotland) Act Team at the National Records of Scotland.
