Tips for enforcing and implementing your records management policy

Tips for enforcing and implementing your records management policy

If your records management policy is going to bring benefits to your organization, including improved efficiency and compliance, you have to make sure that people follow it and that its principles are enforced.  This is designed to help you execute the policy and make sure its guidelines are applied throughout your organization.

1. Be prepared to enforce the policy
A policy that outlines the basic requirements for developing and implementing an RM program can be an effective informational guide for managers and employees. But should a legal or compliance issue occur, information and guidance are not sufficient to protect your organization.

A records management policy is a legally binding statement of corporate direction, so litigation, audits, and other proceedings can bring the enforceability of the policy under direct scrutiny. An organization does not meet its legal responsibilities by giving people a general idea of how to fulfil requirements—it must also provide reasonable assurance that employees will actually comply with these requirements.

One common method of providing such assurance is to describe the possible consequences of non-compliance, such as disciplinary action, dismissal, criminal charges, or civil action. Policies should also mandate proactive means of detecting and mitigating possible non-compliance, such as audits, inspections and reviews.

2. Keep it brief and simple
Excessively long and detailed policies have two critical flaws. First, people simply will not read a policy if it is too long, much less understand and apply it to daily business. Second, too much procedural detail is not appropriate for a corporate-wide policy.

Given the different vetting and senior management endorsements that such policies typically demand, it's impractical to initiate the same process every time there is a minor change in process or procedure.

The exact length and level of detail for your RM policies will vary depending on the governance culture and stylistic conventions of your organization, but one axiom applies everywhere: keep policies as brief and simple as possible, provided you cover all the key requirements.

3. Implementation is a must
Once the policy is finalized and endorsed, all individuals with identified roles should begin meeting their responsibilities head on. At the corporate level, this means developing and implementing each process or control described in the policy.

For example, if the policy attempts to enforce compliance via an audit process, then perform audits as soon as it is feasible to do so, taking any and all steps appropriate to remedy instances of non-compliance.

An effective RM policy provides mandates for action. A good RM program takes that action and turns otherwise ambitious directives into a daily reality that makes records work for business.