Skip to main content
 
Practical Tools for Electronic Records Management and Preservation

Abstract

Introduction

Electronic Records Management Goals

Functional Requirements to Ensure the Creation, Maintenance, and Preservation of Electronic Records

The Records Requirements Analysis and Implementation Tool

The Records Requirements Elicitation Component

Records Requirements Implementation Component (RRIC)

General Guidelines
print html versionPrint Chapter (html)
print pdf versionPrint Chapter (pdf)
Functional Requirements to Ensure the Creation, Maintenance, and Preservation of Electronic Records

3 . System Reliability

System should be administered in line with best practices in the information resource management (IRM) field to ensure the reliability of the records it produces.

Justification: The acceptance of records for legal, audit, and other purposes is contingent on establishing their authenticity and reliability by demonstrating the trustworthiness of the system used to produce them. Systems that produce records must be shown to do so in the normal course of business and in an accurate and timely manner. System administration must incorporate established best practices in the data processing field. Policies, procedures, training and support programs, and controls must be documented.

  1. Recordkeeping system employed exclusively in normal course of business.
  2. Redundant (paper) recordkeeping system is discontinued.
  3. System management roles and responsibilities are assigned.
    1. Principle of separation of duties is implemented.
  4. Adequate system controls are in place.
    1. Audit trails developed and implemented within the system.
    2. Routine tests of system performance are conducted.
    3. Reliability of hardware and software is tested.
    4. Adequate security is provided to prevent unauthorized access, changes, and premature destruction of records.
    5. Controls for the accuracy and timeliness of input and output are established.
    6. Problem resolution procedures are in place.
  5. Disaster recovery plan is in place.
  6. All system management policies and procedures are defined and documented.
    1. Changes in policy and procedure are documented and implemented.
  7. Training and user support are adequate to ensure system procedures will be implemented by users.