Records and Records Management
Records and Records Management
Records and records management both are important aspects for managing the organization. In the present day environment, it is a fact that without reliable recorded evidence, managing of the organization becomes an uphill task since it affects both the processes of monitoring the performance and the decision making. Without the reliable records, the situation in the organization can ultimately become chaotic.
As per the ‘records management standards’ ISO 15489.1, a record is defined as ‘information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business’. ISO 15489.1 also define records management as the ‘field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records’.
Records are required to be maintained as evidence for the purpose of accountability. They are to be trustworthy in order to stand as evidence. In the organization, a large amount of time is spent on creating documents. As per ISO 15489.1, a document is defined as any ‘recorded information or object which can be treated as a unit’. With such a general definition, a document can appear in a wide range of forms (e.g. process and production data, data analysis reports and other reports, contracts, letters, emails, memos, SMS text messages, and scraps of paper etc.). However, these information units are not records, or at least not until they have been placed under systematic control which can ensure certain key characteristics required for their use as evidence. As such, records and the process of records management are both related and dependent on each other. A record is needed to be managed systematically in order to ensure that it has got the evidential value.
Records management practices are being developed since a long time. These practices focus on managing and protecting the records’ key evidential characteristics which contribute to their trustworthiness. Trustworthy records are necessary for the organization to meet its legislative and internal needs. From the records management perspective, the characteristics which are used to describe the trustworthiness of the records are (i) authenticity and provenance, (ii) reliability, (iii) integrity, and (iv) usability.
Authenticity and provenance – As per ISO 15489.1, an authentic record is one which can be proven to be what it purports to be, to have been created or sent by the person purported to have created or sent it, and to have been created or sent at the purported time. Records need policies and procedures which control and record the creation, transmission, receipt, and maintenance of the records for proving their authenticity. These systematic controls ensure that records creators are authorized and identified and that records are protected against unauthorized addition, deletion, and alteration. This means that there is to be a documented history of the record. This history of a record or object is called its provenance. Provenance is the fundamental principle of importance which contributes to the records’ authenticity. Provenance of records is of great significance since it provides vital elements for determining the relative trustworthiness level of the record.
Reliability – A reliable record is defined as one whose contents can be trusted as a full and accurate representation of the transactions, activities or facts to which they attest and can be depended upon in the course of subsequent transactions or activities. Records are required to be created at the time of the transaction or incident to which they relate, or soon afterwards, by individuals who have direct knowledge of the facts or by instruments routinely used within the organization to conduct the activity or transaction. The background of the record’s creation is important in determining its reliability. Automated, real-time capture of objective transaction information normally has the highest reliability, whereas timely first-hand accounts by individuals have slightly less reliability, as the content is necessarily filtered through personal subjective interpretation. Also, the record’s provenance or lineage can be used as evidence in support of a record’s reliability, with records created at the time of the event considered to be the most reliable.
Integrity – The integrity of a record refers to its being complete and unaltered. It is necessary that a record is to be protected against unauthorized alteration. Records management policies and procedures are to specify what additions or annotations can be made to a record after it is created, under what circumstances additions or comments can be authorized, and who is authorized to make them. Any authorized comment, addition or deletion to a record is to be explicitly indicated and traceable. For the integrity of records, there is the need for systematic management policies and procedures to guard against alteration and fraud. This again explains the need to capture a complete and auditable record of a record’s provenance as an important indicator of the record’s integrity. The risk of fraud in the provenance record (in addition to fraud in the record itself), has led to the development of secure provenance, especially in the electronic records. Also, the systems themselves need to have integrity. The perceived need for system integrity is also helping to build the case for the transparency.
Another aspect of integrity is the contextual and structural integrity of the content of records. This includes the physical and logical format and the relationships between content elements. Failure to maintain the structural integrity of the records can damage a record’s reliability and authenticity. It also has an impact on the record’s usability.
Usability – A usable record is one which can be found and understood in its original context. A usable record can be located, retrieved, presented, and interpreted. It is to be capable of later presentation as directly connected to the organizational activity or transaction which produced it. The contextual linkages of records are to carry the information needed for an understanding of the transactions which created and used them. It is to be possible to identify a record within the context of broader organizational activities and functions. The links between records which document a sequence of activities are to be maintained.
There are thus two aspects of a record’s usability namely (i) the usability of the record itself, and (ii) the functionality of the system which is managing the record. To keep an individual record usable, it is to be preserved over time. In general, the main objective of preservation is to allow future users to retrieve, access, decipher, view, interpret, understand, and experience documents, data, and records in meaningful and valid (that is, authentic) ways. One of the challenges for preservation is that records are to be altered to preserve them, and this impact on the record’s integrity and authenticity. Hence, a balance is to be maintained between authenticity and usability.
The second aspect of usability relates to the functionality of the system in which the record is being managed. The system is to have capability so that a usable record can be located, retrieved, presented and interpreted. In order to do that, sufficient information is to be captured about the record and the context of its creation and use. This information is to be sufficient to locate the record, while the contextual linkages are to provide an understanding of the transactions which created and used them.
There are three historical methods of record management which have been practiced. These methods are (i) the archive (ii) archival diplomatics, and (iii) bureaucratic record keeping. These three methods have been refined over time to meet the evidence requirements of the day, and now form the foundation of the present record management which also supports the legal system and the economy.
The archive – The word archive (Greek word ‘archeion’) describes the ‘keystone’ of an arch, thereby illustrating the role which the records play in preserving the delicate ‘arch of the organization’. To safeguard the critically important records, the ancient Greeks created a secure repository location in which they could store their historical recorded evidence. The Romans expanded the scope of their archivum by providing a public office in which citizens can record their transactions, thereby providing a location and legitimizing mechanism to create and guard the authenticity and reliability of their records. The archive became the safe house as well as the formal witness of action. Much of the success of Rome and its wealth from trade can be attributed to the confidence which the merchants had in the ‘truth’ of the records lodged in the archivum. This tradition has continued, with most modern organizations continuing to support central archives, a location to guard the authenticity and reliability of their records and history.
Archival diplomatics – The period following the fall of the Roman Empire coincided with the loss of the Roman archivum as witness and guardian of the community’s official records. However, the need for authenticity and reliability of documents (especially representing transactions or treaties) continued as a necessary part of a functioning of organization, market-place, or government. Lacking an archivum as the location / witness to provide legitimacy to documents, a mark of authenticity and reliability was instead embedded into the document itself. This created a profession of the notary and the jurist. This meant that an official state-appointed person provided that mark of legitimacy on the document (according to the rules of the diplomatics) as a method of determining authenticity and the provenance of these official documents in order to guard against fraud.
In other words, the methods of managing the key characteristics of a record (authenticity, reliability, integrity, and usability) effectively split into two halves. The first half consisted of the archive, a secure storage location and official witness of transactions and the second half there was the autonomous record (e.g., diplomas, certificates, etc.) signaling its trustworthiness through embedded markers of authenticity and reliability, supported by a range of officials trained to make and read those embedded markers.
Bureaucratic record-keeping -This represented the third wave of change which came when the big organizations became a reality around the world. This resulted into the development of the bureaucratic record-keeping approach. Big organizations had a lot of complexity and required standardized records to run geographically dispersed operations. They duly created powerful systematic control systems called registries. These registries (which were often located in regional offices, in contrast to the archive’s single, central location) effectively managed metadata (i.e., data about data) for two primary purposes namely (i) describing the records themselves, and (ii) describing the relationships between records. Registrars (the keeper of the registries) were now the guardians of authenticity, reliability and integrity for the new systems.
The bureaucratic record-keeping systems supported the current operations of organizations, and their records often had a relatively short period of value. Modern techniques and theory developed during this time focused on managing a record’s life-cycle, and these helped to guide records managers on rules of creation, use, storage, and eventual disposal of records. Present day organizations rely on all three methods to maintain reliable recorded evidence. However, the point at which each key characteristic is sufficient to raise the status of a document to that of a record is contingent on the interpretation of that characteristic and on the needs as defined by the management practices followed in the organization and the regulatory requirements.
During the 1970s, along with the introduction of computing and computerized information systems, the record-keeping and archival systems found themselves at a crossroads. Information was increasingly being stored electronically, and these electronic records did not fit well in their paper-based, records-life-cycle system being followed in the organizations. On one side it was argued that archival work was scholarly and that the methods supporting historical records should be shifted from a record’s content to its context as a way of dealing with the volume and format of these new electronic records. On the other side it was proposed to abandon the archives their traditional history-based orientation, and transform them into information system or digital system. This has created the issue of the separation of the digital information streams for declaring which one is the record and which one is only a document and not a record. These issues were difficult to resolve than they appear.
As an example, a digital office document could be considered self-contained, whereas a database query was only transitory. Also, computer dumps or backups, were not evidence of business transactions, but rather views or frozen snapshots of information, and views which were by definition incomplete, not linked to creator context or activity, and hence without assurance of reliability and authenticity. Hence, they were not considered as records. The main issues were (i) at what point does an electronic file becomes worthy of being called a record, (ii) what are the attributes of an electronic record, and (iii) how these attributes can be applied in the electronic medium where physical form is meaningless. Hence, for an electronic record-keeping system to be introduced into practice, it became essential that the definitions and attributes of an electronic record are determined.
Starting in the 1990s, there have been several efforts to develop these definitions and to set standards for electronic records and electronic record-keeping. The outcome of these efforts was the creation and standardization of record-keeping metadata which is defined as including ‘all standardized information that identifies, authenticates, describes, manages and makes accessible, through time and space, documents created in the context of social and business activity’. Several refinements were made which has resulted in a refined conceptualization of record-keeping metadata which became an international standard, ISO 23081.1. An example of a conceptual model for organizational electronic record-keeping metadata is shown in Fig 1.
Fig 1 Conceptual model for organizational electronic record-keeping metadata
Record-keeping models and theories
Organizational record-keeping has evolved mainly out of practice rather than based on the theoretical considerations. As the necessity of maintaining reliable evidence has increased in the present environment, record-keeping in the organizations are required to satisfy various requirements through evolving mechanisms, with the aim of maintaining reliable and trustworthy records to a level which is acceptable to the stakeholders. As such, record-keeping is mainly governed by the accepted norms. However, the norms change over time, and given the complexity and volume of information created in the present day digital age, it has been necessary to develop a theoretical foundation to build new solutions and information strategies. The main two theoretical concepts are (i) structurational concept of space-time distanciation, and (ii) Upward’s development of the records continuum model.
Structuration concept has evolved over time and consists of a model to explain the relationships between people (agents) and the organizational structure under which they function. At its heart, it attempts to reconcile the apparent theoretical differences of organizational systems such as agent / structure, micro / macro, and subjective / objective, etc. The concept is based on a model with three dimensions of structure (signification, dominance, and legitimation) which interact with three dimensions of interaction (communication, power, and sanction) through modalities (interpretive schemes, facility, and norms).
The concept of space-time distanciation refers to the intersecting points of space and time as being necessary coordinates to determine the structure of the organization at that place and that time. Structuration involves three ‘intersecting planes of temporality’ namely (i) dur’ee (the time frame of day-to-day life), dasein (the human lifespan), and the longue dur’ee (the time frame of the organization), thus the concept has a link between the individual to that of the longer lived organization. However, the structuration concept is often considered too broad to be used by itself. It provides a major theoretical pillar, though it specifies no details. It is more a guiding philosophy. The structuration concept has a theoretical approach to explain the constitution of the organization and provides a logical foundation for understanding how organizations form and change their norms over time. It also informs the changing level of acceptability which defines a record over time which is an important attribute in defining record-keeping requirements.
The records continuum model
Upward, during the development of his records continuum model, had studied the implication of the changing level of acceptability in the organization for the record-keeping. For the greater part of the twentieth century (up through the 1980s), the dominant model controlling the records management-archives relationship consisted of the life-cycle model. The life-cycle model was based on the premise that the life of a record can be divided into eight separate stages in two phases of each, starting with a records management phase consisting of the stages (i) creation or receipt of information in the form of records, (ii) classification of the records or their information in some logical system, (iii) maintenance and use of the records, and (iv) their final disposition through destruction or transfer to an archive. This is then followed by an archival phase consisting of the stages (i) selection/acquisition of the records by an archive, (ii) description of the records in inventories, and indexing etc., (iii) preservation of the records or, perhaps, the information in the records, and (iv) reference and use of the information by the users. The two phases were most often managed by completely separate set of departments in the organization. The records management phase is managed by the department based on its needs, followed by a handover of the records to an archival department supporting a different set of users and stakeholders governed by different policies and procedures. Inevitably, the archivists had little or no input into how records were initially captured, and they often neglected to identify permanently valuable records for the future.
The above split between the records management and archival phases of the life-cycle was later no longer acceptable. Hence, there was merging of the record-keeping and archival phases into a single continuum to help maintain contextual continuity throughout the managed life of a record. At the same time, archives were under a growing ‘threat’ by the spread of electronic documents and the Internet. In 1996, Upward noted that ‘if the archival profession is to avoid a fracture along the lines of paper and electronic media, it has to be able to develop ways of expressing its ideas in models of relevance to all ages of record-keeping’. To help practitioners move to a more unified approach to the records archival relationship, Upward introduced a new model based on the notion of time-space distanciation. The new model introduced a spacetime model for records. In short, a record can be and be interpreted in many dimensions across time. For example, they can be created (as a record) and created again (either in new contextual groupings or in reinterpretation) without the need for a linear approach to time. The model is a major transition in archival practice. The transition involves leaving a long tradition in which continuity was a matter of sequential control. Electronic record-keeping processes need to incorporate continuity into the essence of record-keeping systems and into the life-span of documents within those systems.
Upward’s records continuum model created an intersection of the main records life-cycle processes (creation, capture, organization, and pluralization) and dimensions of ‘recordness’ including evidentiality, transactionality, record-keeping containers, and identity. These were expressed metaphorically in concentric circles, where each of the processes can take place at intersections of different user dimensions in a sort of records space-time (Fig 2).
Fig 2 The records continuum – a space time model
The concentric circles expand into different user dimensions, which consist of different stakeholders and their requirements. These relationships are not necessarily linear, but can react and interact across both time and space. As an example, the record itself is, by definition, a snapshot in time. However, how the record is interpreted and re-presented can change depending on the view and the context of its use.
The four dimensions include (i) create which is the first dimension that focuses on the people, the acts themselves, and the documents which record the acts and trace and represent the acts, (ii) capture which is the second dimension that focuses on the personal and organizational record-keeping systems and the policies which ensure that the records are captured in context and in sufficient detail for use as evidence, (iii) organize which is the third dimension that focuses on the record-keeping processes within a department and ensures that the recordkeeping regime is sufficient to form an accurate memory of the organizational processes and functions, and (iv) pluralize which is the fourth dimension that embeds the records into the organization in which they reside and ensures that the records can be added beyond the service period of the people of the organization to the organizational memory.
The records continuum model is a way of thinking about record-keeping in both the departments and the organization. In this light, the model helps to identify key evidential, record-keeping, and contextual features of the continuum and places them in relationship to each other. It also represents the multi-dimensional nature of the record-keeping function. It maps the evidential, record-keeping, and contextual features of the continuum against the dimensions of the record-keeping function, and it finally places it in a broader socio-legal and technological environment.
The continuum approach to records as they exist in both space and time is critical to the mental move required to address the functional requirements and need for virtual archives to manage the future’s electronic records. Nevertheless, both structuration theory and the related records continuum model are an abstraction of reality and they still need a tangible method of application to record-keeping in general and electronic record-keeping in particular.
Electronic document and record management
By the turn of the millennium, the current record-keeping theory, in the form of Upward’s records continuum model, had caught the attention of much of the record-keeping profession and had formed the basis of the international standard ISO 15489. In addition, work had begun on defining the model of electronic record-keeping metadata (later published as ISO 23081) which were needed to make electronic record-keeping technically possible. The focus now turned to developing a system to create and manage electronic records.
Reorganizing record-keeping – In 2001, the State Records Authority of New South Wales (Australia) created a strategy called DIRKS (Designing and implementing record-keeping systems). This strategy was designed to assist organizations in setting up a compliant enterprise-wide record-keeping system. More recently, standard-setting authorities have built upon this foundation and either developed or adopted improved standards. Examples include the International Council on Archives (ICA)’s ‘Digital record-keeping Standard’ (2010), as well as checklist-style functional requirements on electronic record-keeping like those developed under the Australasian digital record-keeping initiative and adopted by the ICA, such as ‘Principles and Functional Requirements for Records in Electronic Office Environments’ (2008). DIRKS and other national and international manuals have provided a practical method for an organization to determine and document their record-keeping requirements and develop their contextual metadata strategies.
The creation of record-keeping functional requirements created a suitable foundation for a technology solution which can be used in digital office environments. This technology gap has been rapidly filled in the market by a number of commercial electronic record-keeping systems.
When focusing on possible enterprise-wide solutions, there is a strong differentiation between information systems and recordkeeping systems. The former cover the storage and retrieval of both information (as in data fragments in a database) and documents, while the latter focus on the more formal requirements of records management, which include protecting the key characteristics of records such as authenticity and integrity.
In the traditional life-cycle model, documents were generally only embedded in a formal record-keeping system (archive) after they had satisfied their initial purpose within the organization (often years after). However, the records continuum model introduced a ‘spacetime shift’ in the perception of records). The result of this shift in thinking was ultimately to push the ideal requirement for formal record-keeping as close to the moment of creation as possible.
It logically follows that any electronic system which has been designed to manage records is also to be intimately involved with its creation. In an effort to reconcile the differentiation between information systems and the record-keeping systems in terms of the management of documents, a single, combined ‘electronic document and records management system (EDRMS)’ is generally the most effective enterprise-wide solution. Several EDRMS solutions soon entered the marketplace to focus on EDRMS which has been defined as an automated system which is used to manage the creation, use, management, and disposal of physical and electronically created documents and records for the purpose of supporting the creating, revision and management of digital documents, improving the organization’s work-flow and providing evidence of its various activities.
Efforts to create standards for electronic record-keeping systems software soon followed, with some early examples including the European Commission’s MoReq, and the US department of defense’s ‘electronic records management software applications design criteria standard. The electronic record-keeping software standards continue to develop.
The development of national and international record-keeping standards and the push to develop electronic record-keeping systems arrived during the collapse of the dot-com bubble and after a number of high profile accounting scandals. The records management has gradually moved from a position on the very periphery of the organizational attention towards a far more central legal requirement for both public and private sector organizations. Given the legislative imperative, the operational benefits, and the rapid adoption by large organizations, the EDRMS quickly joined other whole of- enterprise systems, which include Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), and Supply Chain Management (SCM). EDRMS as a class is now the predominant solution available to the organizations to centrally manage their electronic records.
EDRMS being a foundational technology supports a true organizational transformation. It is the key enabler for two main reasons namely (i) e-records are one aspect of the modernization process, since the electronic management of electronic information is a necessary enabler for sustainable organizational change, and (ii) better management is essential to meet information policy and compliance requirements in this modernized environment.
However, EDRMS are not without their limitations. In terms of record-keeping models, the EDRMS is based on the records repository model. The current electronic file standards do not (yet) include sufficient and trustworthy information to make individual files into records in their own right, so it remains the act of lodging the electronic file into an EDRMS which provides it with its legitimacy. Furthermore, the process of lodging the document remains a manual one. Another limitation of EDRMS applications is that they typically only manage the ‘office’-type documents, and often exclude records represented in other enterprise business systems and Web 2.0 platforms, which arguably create the bulk of ‘records’ in most organizations. A significant scope enhancement to the EDRMS concept which expands its domain to include automated collection of evidence of transactions taking place in other systems across the organization via the use of a common service-oriented architecture is necessary.