Scottish Government records management plan

Element 3: Records management policy statement:

The authority has an appropriate policy statement on records management.

The Keeper expects each authority's plan to include a records management policy statement. The policy statement should describe how the authority creates and manages authentic, reliable and useable records, capable of supporting business functions and activities for as long as they are required. The policy statement should be made available to all staff, at all levels in the authority.

The statement will properly reflect the business functions of the public authority. The Keeper will expect authorities with a wide range of functions operating in a complex legislative environment to develop a fuller statement than a smaller authority.

The records management statement should define the legislative, regulatory and best practice framework, within which the authority operates and give an overview of the records management processes and systems within the authority and describe how these support the authority in carrying out its business effectively. It should be clear that the authority understands what is required to operate an effective records management system which embraces records in all formats.

The statement should demonstrate how the authority aims to ensure that its records remain accessible, authentic, reliable and useable through any organisational or system change. This would include guidelines for appropriate safe and secure storage of digital records and for any migration or transformation of digital records if they are moved from one system to another.

The records management statement should include a description of the mechanism for records management issues being disseminated through the authority and confirmation that regular reporting on these issues is made to the main governance bodies.

The statement should have senior management approval and evidence, such as a minute of the management board recording its approval, submitted to the Keeper.

The other elements in the RMP, listed below, will help provide the Keeper with evidence that the authority is fulfilling its policy.

Best Practice might include:

• The Policy Statement (Policy) sets out how the authority will manage its records in accordance with its Records Management Plan.
• The Policy includes provision for the lawful management of records that include personal data.
• The Policy includes a statement of the named posts that hold corporate and operational responsibility for records management (see element 1 and element 2).
• The Policy is regularly reviewed.

Read further explanation and guidance about element 3.

Scottish Government Statement

We have a strong Records Management policy in place which details the record keeping arrangements for Scottish Government.

Scottish Government is committed to a systematic and planned approach to the management of records within the organisation, from their creation to their ultimate disposal or archive. This approach ensures that Scottish Government can:

• control the quality, quantity and security of the information that it generates;
• maintain the information in an effective manner whilst ensuring compliance with our legislative requirements.

It has been approved by the SG Senior Information Risk Owner.

Evidence

E01: Records Management Policy

Further Development

We are in the process of developing an Information Management strategy which will complement the information provided in our Records Management policy. We plan to finalise this strategy in 2021.

Other than that we will continue to review our Records Management policy regularly in order to ensure that it continues to reflect the organisational position in relation to record keeping.