Mile2 Cybersecurity Certifications

Reply To: OCU C)ISSO D Discussion Lesson 06

Kevin Mehok

IST3100 Information Systems Security Officer
Week Two
Lesson 6 Discussion

What Is Records Management? Well, this week we have learned that records management (RM), also known as records and information management (RIM), is an organizational function responsible for the creation and maintenance of a system to deal with records throughout a company’s lifecycle (Weller, 2017). RM includes everything from the creation of a record to its disposal (Weller, 2017). Essentially, it comprises anything that is part of a business transaction (Weller, 2017).

Some people use the term information governance (IG) when talking about records management (Weller, 2017). IG is the management of information to support an organization’s present and future, keeping in mind the regulatory, legal, environmental, and operational requirements (Weller, 2017). It includes the structure, policies, procedures, and processes necessary to manage all the information stored within an organization (Weller, 2017).

What Makes Something a Record? We learned this week that a record is somewhat complicated (Weller, 2017). The International Organization for Standardization (ISO) is an independent, non-governmental international organization that develops international standards to be implemented globally throughout its 162 national standards bodies (Weller, 2017). The ISO 15489-1:2001 defines records as “information created, received, and maintained as evidence and information by an organization or person, in pursuance of legal obligations or in the transaction of business” (Weller, 2017). ISO 15489 is divided into two parts: concepts and principles, and guidelines (Weller, 2017). Together, the two parts provide an outline for a comprehensive records management program (Weller, 2017).

Essentially, a record is content that documents a business transaction (Weller, 2017). A record usually does not include drafts, duplicates, or convenience copies of documents (Weller, 2017). For example, a final response to a proposal is a record, but the drafts, comments about the drafts, and correspondence about the proposal might not be (Weller, 2017). Personnel files are records, as are social media posts and instant messages (therefore, records management does not just involve paper documents)(Weller, 2017). According to The Global Trade Association for Information Management Companies (PRISM), courts consider all of the following to be records: doodles on a paper napkin, core samples from oil exploration, a pipe with a part number on it, and sections of frozen tissue samples (Weller, 2017).

A record serves as evidence of an event. Therefore, you can often take a record into a court of law to prove authenticity, reliability, integrity, and usability (Weller, 2017). Records can provide necessary documentation for an audit, court case, or other official uses (Weller, 2017).

A record can also be anything that includes personally identifiable information (PII) (Weller, 2017). Companies that are in the financial services, health, government, or legal sectors must be particularly aware of this kind of record (Weller, 2017).

God Bless,



Weller, J. (2017)


Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .