- Collection care
- Information and records management
- Digital preservation
- What to keep
- Reform of public bodies
- Public inquiry guidance
- Information principles
Information is managed
Each resource below is listed by type, and details the resource name, owner (in brackets), brief description and link.
This resource base is intended to be a 'living document'. If you wish to contribute a resource or comment on the accuracy of any of these resources please email: firstname.lastname@example.org
The Public Records Act 1958 / 1967 (Ministry of Justice / The National Archives) - The legislation governing the selection and transfer of public records.
The Freedom of Information Act 2000 (Ministry of Justice / Information Commissioner's Office) - UK government legislation defining what information public sector organisations are obliged to provide on request. To meet the obligations of the Act, public bodies must have effective information and records management processes in place; there is a code of practice on records management under section 46 of the Act.
The Data Protection Act 1998 (Ministry of Justice / Information Commissioner's Office) - Provision for the regulation of the processing of information relating to individuals, including obtaining, holding, use or disclosure of such information.
Environmental Information Regulations 2004 (Defra) - The Environmental Information Regulations (EIRs) give the general public certain rights of access to environmental information. The definition of environmental information in the EIRs is very wide and includes information that might not be considered environmental at first glance. EIRs only cover environmental information - Freedom of Information covers all information held by public authorities.
Guidance (records and information management)
The Cabinet Manual (Cabinet Office) - The Cabinet Manual sets out the main laws, rules and conventions affecting the conduct and operation of government, section. Chapter 11 covers records management (referencing the section 46 code of practice) and access to information.
The Civil Service Code (Civil Service) - The Civil Service Code, first published in 1996, sets out the core Civil Service values and the standards of behaviour expected of all civil servants in upholding these values. It establishes the importance of providing advice based on evidence and of keeping accurate official records.
Managing Information Risk (The National Archives) - A guide for accounting officers, board members and Senior Information Risk Owners (SIROs) on managing information risk; part of the guidance from the Cabinet Office Review of Data Handling Procedures in Government. Download the document below
Managing Information Risk (PDF, 3.70Mb)
Information Lifecycles (JISC) - JISC has a number of useful resources and toolkits (including their common framework for managing the impact of records management) covering information lifecycles, information management and records management.
Section 46 Code of Practice on the Management of Records (Ministry of Justice) - The Lord Chancellor's Code of Practice issued under section 46 of the FOI Act 2000 defines the outcomes that FOI bodies should be meeting in the management of their records and information.
Section 46 Implementation Guides (The National Archives) - These guides are being developed to support implementation of the outcomes defines in the Section 46 Code of Practice.
Digital continuity / digital information management (The National Archives) - The National Archives' digital continuity guidance provides a wealth of material on how to manage your digital information so that it can be found, opened, worked with, trusted and understood.
Digital Continuity Framework Information Management Services Lot (The National Archives) - This framework lot provides consultancy and support services for the practice of information management.
Digital Continuity Framework eDiscovery Solutions Lot (The National Archives) - This framework lot provides solutions to mine unstructured information, understand the nature of the content and discover and identify related information.
Digital Continuity Framework Digital Archiving Solutions Lot (The National Archives) - This framework lot covers information archiving solutions, including but not limited to files or email.
Digital Continuity Framework Data Storage Solutions Lot (The National Archives) - This framework lot is designed to support customers' need to manage their information efficiently through the analysis of current and future storage needs and alignment of this to an understanding of the current and developing storage market.
Information and records management resources (The National Archives) - The National Archives hosts many resources related to general issues in information and records management, from appraisal of Public Records through to disposal.
What To Keep (The National Archives) - 'What to keep' is an initiative from The National Archives to help government ensure that it knows what information to keep and for how long, and to put this into practice.
Guidance on the Management of Private Office Papers (The National Archives / Cabinet Office) - Records management policies and practices, including procedures specific to Private Offices. This includes accreditation regimes giving assurance in relation to the integrity and availability of information. Download this guidance below:
Guidance on the Management of Private Office Papers (PDF, 0.90Mb)
Guidance on Information and Records Management for Public Inquiries (The National Archives) - Specific guidance for Inquests and Inquiries on the management of their records and information.
Guidance on Information and Records Management During the Reform of Public Bodies (The National Archives) - Gudiance on making arrangements for the transfer of information, records and knowledge as part of any Machinery of Government change.
Guidance (information assurance)
The Data Handling Review (Cabinet Office) - The review into data handling procedures and its recommendations; contains mandatory standards and timelines for central government to manage the risks of creating, using and storing data and information.
The National Information Assurance Strategy (CSIA) - The 2007 National Information Assurance Strategy outlines an approach for the UK to adopt information risk management by ensuring the right level of professionalism, education and training and availability of IA products and services, as well as compliance and adoption of standards.
HMG Security Policy Framework (Cabinet Office) - The Security Policy Framework (SPF) provides central internal protective security policy and risk management for government.
The Information Assurance Maturity Model (CESG) - To assist SIROs in putting in place an effective change programme to improve information and records management an Information Assurance (IA) Maturity Model has been created underpinned by an IA Assessment Framework (IAAF). The IAAF can be used by departments that wish to conduct IA self-assessments, either by themselves, or with some limited support from CESG staff.
CESG Claims Tested Mark (CESG) - The CESG Claims Tested Mark (CCTM) scheme is a government quality mark for the public and private sectors based on accredited independent testing, designed to prove the validity of security functionality claims made by vendors. In more colloquial terms, the CCTM is designed to assure public bodies that a product or service does 'what it says on the box'.
Privacy Impact Assessments (ICO) - The handbook is designed to be a practical and comprehensive guide, aimed at organisations who are developing projects that might have implications for people's privacy. It will help organisations assess and identify any privacy concerns (a Privacy Impact Assessment) and address them at an early stage, rather than leaving the solutions as an expensive afterthought.
Local Government Data Handling Guidelines (Local Government Association) - The Local Government Data Handling Guidelines highlight recognised best practice in secure data handling, and provide local authorities with a vital aid in discharging their responsibilities and accountability for secure and effective handling of personal information. The publication sets the standard for local government moving forward.
The Management of Police Information (National Policing Improvement Agency) - MoPI is about making information relevant and accessible; ensuring that all police operational information is managed effectively. MoPI covers the whole of the information life cycle, through collection and recording, evaluation, sharing and review, retention and disposal.
JSP 747 - Defence Information Management Policy (Ministry of Defence) - This information management policy is issued by the Chief Information Officer (CIO) and applicable across Defence. It tries to demystify information management and help improve our collective ability to manage and exploit information more effectively.
Designing and Implementing Recordkeeping Systems (DIRKS) Manual (The National Archives of Australia) - The DIRKS manual provides the foundation for good record keeping. It is the cornerstone document in the comprehensive suite of best practice record keeping standards and guidelines.
MoReq 2010 (DLM Forum) - MoReq2010® aims to provide a comprehensive, but simple and easily understood set of requirements for a records system that is intended to be adaptable and applicable to divergent information and business activities, industry sectors and types of organisation. It avoids a 'one size fits all' approach to implementing a records management solution.
Information and documentation - Records management - Part 1 :General (BS ISO 15489-1:2001) - This standard applies to the management of records, in all formats or media, created or received by any public or private organisation in the conduct of its activities, or any individual with a duty to create and maintain records. It provides guidance on determining the responsibilities of organisations for records and records policies, procedures, systems and processes; records management in support of a quality process framework to comply with ISO 9001 and ISO 14001; and the design and implementation of a records system.
Information technology. Security techniques. Information security management systems. Requirements (BS ISO/IEC 27001: 2005 ) - The standard covers all types of organisation, including government agencies. It specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented information security management system (ISMS) within the context of the organisation's overall business risks. It specifies requirements for the implementation of security controls customised to the needs of individual organisations.
Information technology. Security techniques. Information security management systems. Code of Practice (BS ISO/IEC 27002: 2005) - Code of practice to help ensure compliance with BS ISO/IEC 27001:2005 (above).
Information security management systems. Guidelines for information security risk management (BS 7799-3:2006) - This standard gives guidance to support the requirements given in BS ISO/IEC 27001:2005 regarding all aspects of an information security management system risk management cycle. This includes assessing and evaluating the risks, implementing controls to treat the risks, monitoring and reviewing the risks, and maintaining and improving the system of risk controls. The focus of this standard is effective information security through an ongoing programme of risk management activities. This focus is targeted at information security in the context of an organisation's business risks.
Evidential weight and legal admissibility of electronic information - Specification (BS 10008) BS 10008 ensures that any electronic information required as evidence of a business transaction is afforded the maximum evidential weight. The process is based on the specification of requirements for planning, implementing, operating, monitoring and improving the organisation's information management systems.
Code of Practice for legal admissibility and evidential weight of information stored electronically (BIP 0008:2004) - The Section 46 Code of Practice on Records Management states: 'Authorities should seek to conform to the provisions of BSI's BIP 0008 Code of Practice for Legal Admissibility and Evidential Weight of Information Stored Electronically (2nd edition) - especially for those records likely to be required as evidence.' This document provides good practice guidance for the electronic creation, storage and retrieval of information.
Secure destruction of confidential material. Code of practice (BS 8470:2006) - The standard makes recommendations for managing and controlling the collection, transportation and destruction of confidential material to ensure that such material is disposed of securely and safely. The recommendations apply to an organisation's main business premises and any holding sites.
Knowledge management (PAS 2001:2001) - The guide examines knowledge management (KM) challenges, approaches and benefits, with examples of good practice from industry, commerce and academia. It helps organisations of all sizes assess their KM approach and impact, through the use of good practice examples. The guidance disseminates KM good practice to both UK and global audiences; provides case studies of KM interventions; presents KM concepts in concise and plain English; and details other KM resources.
Information and documentation - Records management processes - Metadata for records - Part 1: Principles (ISO 23081-1:2006) - ISO 23081-1:2006 covers the principles that underpin and govern records management metadata. These principles apply through time to records and their metadata; all processes that affect them; any system in which they reside; and any organisation that is responsible for their management.
Information and documentation - Records management processes - Metadata for records - Part 2: Conceptual and implementation issues (ISO/TS 23081-2:2007) - This establishes a framework for defining metadata elements consistent with the principles and implementation considerations outlined in ISO 23081-1:2006.
Information and documentation - Work process analysis for records (ISO/TR 26122:2008) - The report provides guidance on work process analysis from the perspective of the creation, capture and control of records. It identifies two types of analyses, namely functional analysis (decomposition of functions into processes), and sequential analysis (investigation of the flow of transactions).
Space data and information transfer systems - Open archival information system - Reference model (ISO 14721:2003) - ISO 14721:2003 specifies a reference model for an open archival information system (OAIS). It aims to establish a system for archiving information, both digitised and physical, with an organisational scheme composed of people who accept the responsibility to preserve information and make it available to a designated community.
Recommendations for the storage and exhibition of archival documents (BS 5454:2000) - BS 5454:2000 makes recommendations for the storage and exhibition of archival documents, including library materials.
Knowledge management in the public sector. A guide to good practice (PD 7504:2005) - This guide is for practitioners and senior management, looking at the potential and actual scope of activity and benefits of knowledge management in the public sector. It is intended for politicians and policy-makers, employees and managers, as well as wider stakeholders and the general public.
Linking knowledge management with other organizational functions and disciplines. A guide to good practice (PD 7506:2005) - This guide shows how to link knowledge management (KM) and other functions and processes, within and between organisations. It is intended for employees, managers, directors and anyone else interested in KM. It combines desk and primary research, and offers a comparison of different approaches and case studies.
This page contains PDF files. See plug-ins and file formats for help in accessing these file types.