Records and Information Management Policy
This document outlines Ofcom’s commitment to maintain records of its activities, the key
principles for managing records in
all media, and the roles of all colleagues in its management.
Who is responsible for Ofcom’s records?
All colleagues must ensure that comprehensive records are kept of all Ofcom’s activities, in
accordance with current guidelines and for as long as required by the retention schedules.
Line managers must ensure that all colleagues in their team carry out their responsibilities
in managing records and information, and are appraised on their performance.
Project Managers must ensure that a complete record of each project is maintained in
accordance with records management and project management guidelines.
Local Information Managers (LIMs) in each business group ensure compliance with the
policy and procedures, and promote effective information management within their team.
The Records and Information Management (RIM) Team operates a records and
information management programme to comply with relevant legislation and standards,
providing clear guidelines and practical procedures for all teams.
The Secretary of the Corporation as SIRO
(Senior Information Risk Owner) is responsible
for Ofcom’s records and information management framework.
Why do we keep records?
Ofcom must maintain a complete set of records for as long as required to:
Comply with relevant legislation such as the Public Records Act, Data Protection Act,
Freedom of Information Act and the
Code of Compliance on Records Management.
Provide evidence of Ofcom’s activities and decision making
Support and defend Ofcom’s position in litigation
Enhance business efficiency
Promote collegiality and knowledge sharing
Without such record keeping, Ofcom’s decisions will be vulnerable to a successful legal
challenge due to lack of or inadequacy of reasoning.
Ofcom’s records management principles:
Records and information are owned by Ofcom, not by the individual or team
Keeping records is an integral part of all business activities
A complete record of all activities must be securely stored in a shared location, easily
identified and accessible to those who need to see it
The complete record may be in any format, but preferably electronic – significant emails are
held alongside other information and must not be stored solely in personal mailboxes
Information will be held only as long as required, and disposed of in accordance with the
record retention policy and retention schedules
Practical
guidance is made available to enable teams to manage their information. A brief set
of key actions is available for
quick reference.
Monitoring the policy:
Failure to manage information in accordance with relevant legislation could have serious
consequences for Ofcom and its consumers. To ensure Ofcom meets the requirements:
the RIM Team will regularly monitor compliance within each team or group
Action plans will be developed with teams where improvements are required
Records due for disposal under the records retention policy will be reviewed with each team
or function on a regular basis, at least annually.
The policy and related guidelines will be reviewed annually.
Further information:
For related policies, see the
Ofcom Security Policy
For further information, please see the
Information Management Resources SharePoint site or
cont
act xxxxxxx.xxxxxxxxxx@xxxxx.xxx.xx
1