The UK National Archives (TNA) has this month issued a revised Records Management Code of Practice, as a consultation paper. Part 1 of the revised records management code now constitutes the best introduction to records management I've read. It is thorough, easy to read and illustrated with useful examples.
The revision of the Code is the latest episode in the records management profession's search for its holy grail: a compelling statement of best practice (with claws) that convinces organisations to take RM seriously and do it properly.
ISO 15489
The
first document to take on that challenge was the International Records
Management Standard, ISO 15489, published in October 2001. ISO 15489 has given
the profession some much needed gravitas, and a coherent theoretical
grounding. But its use as an education and influencing tool has limits
because it:
- is expensive: it has to be purchased from the British Standards Institute (BSI are currently charging £114 for the standard).
- is generic: it is bereft of illustrative examples because of the need to be applicable within the different legal and cultural environments existing across the world
- lacks an enforcement body or regime
- is not feasible: ISO 15489 describes perfection: one records system. with a perfect classification, perfect metadata and controls, out of which come perfect records: authentic, reliable and robust. In the messy reality of ever changing technology and working practices such perfection is impossible to achieve.
The Records Management Code 2002
In
November 2002 the Lord Chancellor's Code of Practice on the Management of
Records was published. It was issued under section 46 of the Freedom of
Information Act 2000 (FOIA), and is commonly referred to as the
Records Management Code.
This Code had several advantages over ISO 15489. It was
- UK specific (or rather specific to England, Wales and Northern Ireland. Scotland has its own Code)
- Free
- Enforceable: although the Code is not mandatory on public authorities, the Information Commissioner can produce a reputation-damaging 'Notice to improve practice' against any public authority failing to meet the provisions of the Code.
- Realistic: it is seeking to establish the level of records management necessary to enable authorities to meet their FOIA obligations. It is not seeking to mandate a records management nirvana.
The greatest strength of the Records Management Code, its legislative mandate, is also its biggest weakness. Section 46 of FOIA specifies that the Code must provide two different sets of advice to two distinct but overlapping groups of organisations:
- guidance to all public authorities on how to manage records so as to meet their obligations under FOIA (Part 1 of the Code)
- guidance for those organisations subject to the Public Record Acts on how to select and transfer records of historical value to the National Archives or its Northern Ireland equivalent. (Part 2 of the code).
The problem is that the Freedom of Information Act applies to the wider public sector, including for example local government and universities. The Public Record Acts apply mainly to Central Government. So most of the organisations reading the Code don't need the provisions of part 2. Records managers from non-public records bodies have reported that their colleagues had been confused by part 2 and failed to realise that it was not applicable to their organisations.
Other weaknesses of the 2002 Code were that:
- It followed ISO 15489 in speaking of a records system (singular) as though assuming the existence of an enterprise wide EDRM
- It lacked illustrative examples. For example it said that records should be appropriately organised, indexed and described without giving advice on how that should be achieved
- it split out advice on electronic records from advice on paper records rather than tackling issues thematically across all formats.
The Records Management Code 2008 (Consultation draft)
The revised Code has several advantages over the 2002 version:
- It more clearly seperates part 1 of the code from part 2: the first clause of part 2 states that it only applies to public record bodies
- It bridges the gap between generic best practice and the more messy reality by providing illustrative examples for the points that it makes.
- It gives more detailed advice on issues such as digital preservation and business continuity (though still at the level of what should be done rather than how it should be done.)
- It takes a neutral stance on EDRM. It talks about records systems in the plural rather than in the singular, so it has removed the subliminal bias in favour of an enterprise wide EDRMS, and recognises that most organisations (whether they have EDRMS or not) will have their records spread across a number of systems.
My response to the consultation on the 2008 Code
The
revised Code is issued as a consultation, and comments have been asked
for. These are the three areas in which I think the Code could improve:
- Allow people to print off part 1 without printing part 2: give part 1 and part 2 a distinct identity as documents so that organisations not covered by part 2 don't have to concern themselves with it. This could be done by presenting the Code as three separate PDFs: a foreward, part 1, and part 2.
- Define business classifications (fileplans). This is a divisive issue. Enterprise wide business classifications, based on function and activity rather than organisational structure, are one of the hardest things for users to get used to when EDRM systems are implemented. Business classification (the act of mapping out the things an organisation does, for use in organising records) forms the intellectual basis of ISO 15489. The TNA's 2002 specification of requirements for EDRM systems was built around business classifications, ensuring that systems are able to hold them, and to link retention and access rules to them. The 2002 Code didn't make any mention of them. The 2008 Code mentions business classifications/ fileplans as one way of enabling people to understand the context of a record and its relationship to other records. It lists a couple of benefits of business classifications/fileplans but stops short of recommending or mandating them. I would like the Code to define business classification, and to state that business classifications can be completed at any scale: you can classify a whole organisation or any part(s) of it.
- State the importance of change management. However well designed a records system is, it won't bring any business or compliance benefits if the users don't give the time, effort and thought needed to keep a good record of their work. Change management activities are vital for the success of any records system. I define change management as those activities that provide colleagues with the opportunity to influence the design of the records system for their area, and which aim to improve their confidence and motivation in using the system.
Comments