Record Management Policy
Template version History
ISO 27001 and ISO 27002 Compliant
The Record Management process is the systematic control of the
creation, maintenance, use, and disposition of records. It includes
the planning, controlling, directing, organizing, training,
promoting, and other managerial activities involved in records
creation, maintenance and use, and disposition in order to achieve
adequate and proper documentation of the policies and transactions
of the enterpand effective and economical management of agency
operations
Included with the template are a HIPAA Audit Program Guide
and a 19 page ISO 27001 & 27002 Security Process Audit Checklist.
Version 1.0 October 2008
- Expanded Email Retention and Destruction
Section
- Added Document Retention and Destruction
Table in Appendix
Version 1.0 September 2008
Record Management,
Retention, and Destruction Policy Template Contents
You areas included with
this policy template are:
- Record retention requirements for SOX
sections 103a, 302, 404, 409, 801a and 802.
- Policy
- Standard
- Scope
- Responsibilities
- Record Management
- Compliance and Enforcement
- Email Retention and Compliance (Policy)
- Job Description Manager Record Administrator
- 12 forms for Record Retention and Disposition
Schedule
- List of Document Types with retention and
destruction time periods
You can download the Table
of Contests and selected pages for this policy template.
