Information Audit/ Records Audit

Time to map information within your organization.
Time to map information within your organization.

The term ‘information audit’ is not applied with a consistent meaning as its definition depends on the objectives of the organisation undertaking the audit. For the past twenty years an accepted definition has been ‘a process undertaken to identify an organisation’s information needs and assets, the way the needs are meet, how the assets are created and how they are managed and used’.

Although the above definition causes uncertainty around the interpretation of ‘information assets’ it is generally understood to be a process that identifies the information needs of business processes and departments and individuals, and draws a map of the information assets of the organisation.

When is the last time you carried out an Information Audit? Is this familiar with your records?
When is the last time you carried out an Information Audit? Is this familiar with your records?

It develops the organizational understanding of:

  • where and how information is created;
  • information flows, use and bottlenecks;
  • information gaps and duplication;
  • information quality, impact and value;
  • how well information is managed to meet legal and contractual requirement;
  • effect of technical platforms and organisational culture on the use of information;
  • how information is being managed and used to support business objectives.

Records Management Audit is no different from information Audit. The procedures are the same and the candidates of investigation the only difference being that RM does not cover information that cannot professionally be described as records since records referred to documents or information that has been declared as records. RM Audit will therefore deal with this class of information that has unique characteristics from the general body of information.

It is necessary to put in the right mechanisms to bring to fruition a RIM Audit in an organisation. Some of the steps one has to go through are:

(I)  Defining the Stakeholders and Drivers
Like people, every organization is unique. Each has its own personality, objectives, stakeholders, drivers, and performance measures. The audit team must identify and understand each of these elements in order to shape the audit to meet the organization’s unique needs.

Your ability to come up with a retention policy is dependent on one thing: UNDERSTANDING YOUR RECORDS through a RECORDS AUDIT
Your ability to come up with a retention policy is dependent on one thing: UNDERSTANDING YOUR RECORDS through a RECORDS AUDIT

A significant step in the audit is to identify the stakeholders involved in and affected by the RIM program and those stakeholders’ drivers. Recognizing the stakeholders and
understanding their diverse drivers will provide insight into the needs driving the RIM program audit and empower the audit team with the ability to connect with the stakeholders in the context of their functions.

Although everyone within an organization creates records and information and is responsible for that content, the audit team must identify and use key personnel, or champions, from within each stakeholder group to keep the process moving. This step requires buy-in from these individuals – a task that can be handled now that their organizational drivers have been uncovered and the auditors can communicate with them on their level and in their language.


Checklist of Documentation Required for Records Management Audit

  • Relevant organizational structure chart
  • Mission statements for organization and/or department
  • Records management mission statement
  • Records management policy
  • Records management procedures (might be a manual) used by the records management team, including any in-house training material or details of other training
  • Specifications for automated records management systems for paper records
  • Specifications of records management systems for digital records
  • Retention schedules
  • Access authorizations
  • Accession records
  • Documentation on records destruction or contracted-out services
  • Written specifications for shelving, boxing, and storage facilities
  • Vital records inventory
  • Vital records protection procedures, including recovery in event of disaster
  • Business continuity plan
  • Agreements with any third-party service providers for business continuity services
  • Surrogacy program (digitization or microfilm/fiching) documentation
  • Staff job descriptions both within and outside records management team

If you require expert Records Management Audit, you have to partner with an expert organisation to take you through this critical stage of understanding your records.

Kenvision Solutions, the solution provision arm of Kenvision Techniks Group offers the highest quality RIM services with a solid commitment to honesty, integrity and exquisite customer service. We provide clients with tailored records and information management solutions, delivering the business intelligence that matters most — and we do it more efficiently and reliably than anyone else, particularly in highly regulated industries. To learn more, email or call us: +254725579251 or +254731983372