Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.

Slides:

Advertisements

Similar presentations

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

Advertisements

Module N° 3 – ICAO SARPs related to safety management

Organizational Governance

EMS Checklist (ISO model)

The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

Alaska Chapter of ARMA International Presented by: Dawn Kewan, ARMA Board Member & Treasurer February 6, 2014 Based on Generally Accepted Recordkeeping.

How a Large Company Used the Principles to Establish its Corporate Information Governance Robin Woolen, MBA, IGP President / Principal.

Effective Information Governance Legal Tech Asia Technology Summit March 3, 2014 Marilyn Bier, CEO ARMA International.

Coping with Electronic Records Setting Standards for Private Sector E-records Retention.

Security Controls – What Works

ISO General Awareness Training

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.

SAFA- IFAC Regional SMP Forum

Purpose of the Standards

Opportunities & Implications for Turkish Organisations & Projects

The Principles: How we incorporated them into our Business Process by Lawrie Barroner.

Auditing Standards IFTA\IRP Audit Guidance Government Auditing Standards (GAO) Generally Accepted Auditing Standards (GAAS) International Standards on.

Success with Information Governance Mike EverleyLaurie FischerRobin Martin Second Vice PresidentManaging DirectorSecond Vice President AmeritasHuron Consulting.

Control environment and control activities. Day II Session III and IV.

Session No. 3 ICAO Safety Management Standards ICAO SMS Framework

Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.

Compliance Presented by: Marty McNulty, ARMA Board Member.

Evolving IT Framework Standards (Compliance and IT)

Postgraduate Educational Course in radiation protection and the Safety of Radiation sources PGEC Part IV The International System of Radiation Protection.

Basics of OHSAS Occupational Health & Safety Management System

NIST Special Publication Revision 1

ISO 14001:2004, Environmental Management System

Developing an Effective Ethics Program

Principle of Protection By C’Les Jensema About ARMA International and the Generally Accepted Recordkeeping Principles® ARMA International (

INTERNAL CONTROL OVER FINANCIAL REPORTING

Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.

Internal Control in a Financial Statement Audit

Agency Risk Management & Internal Control Standards (ARMICS)

Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.

Assess Your Organization's Information Governance using the Generally Accepted Recordkeeping ® Principles September,

Compliance with IOSCO requirements AMEDA Leadership Forum Alexandria Egypt Monday 27 th April 2009 by Dr. Ashraf EL Sharkawy Senior Advisor to the CMA.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

General Principles for the Procurement of Goods and Services Asst. Prof. Muhammad Abu Sadah.

Holistic Approach to Security

ISO 9001:2008 to ISO 9001:2015 Summary of Changes

Hazards Identification and Risk Assessment

Priscilla Emery President, ECM Scope.  What is Compliance?  What is GARP?  What is considered Best Practice in this area?  A Framework for Compliance.

Webinar for FY 2011 i3 Grantees February 9, 2012 Fiscal Oversight of i3 Grants Erin McHughJames Evans, CPA, CGFM, CGMA Office of Innovation and Improvement.

ISO DOCUMENTATION. ISO Environmental Management Systems2 Lesson Learning Goals At the end of this lesson you should be able to:  Name.

International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.

Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.

Generally Accepted Recordkeeping Principles: The Principle of Transparency Alaska Chapter of ARMA International Presented by: Tara Carey, ARMA Board Member.

A New Standard for Disposal Mark Crookston Senior Advisor Appraisal Government Recordkeeping Group.

ISO RECORDS. ISO Environmental Management Systems2 Lesson Learning Goals At the end of this lesson you should be able to:  Describe.

OHSAS Occupational health and safety management system.

ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.

Maximizing the Value of Information Information Governance As A Strategic Framework Presenter: Margaret Hermesmeyer, MLIS, IGP, CRM Division Chief Information.

Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.

Presenters: Margaret Hermesmeyer, MLIS, CRMKevin Waldrup, MBA, CRM Chief, Records Management Division Records Management Administrator Office of the Attorney.

Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.

Governance, risk and ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.

#327 – Legal and Regulatory Risk: Silent and Possibly Deadly Deborah Frazer, CPA CISA CISSP Senior Director, Internal Audit PalmSource, Inc.

Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.

GS-R-3 vs. ISO 9001:2008 Requirements - 4

What Is ISO ISO 27001, titled "Information Security Management - Specification With Guidance for Use", is the replacement for BS It is intended.

On the Horizon: Excellence in Governance

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)

The Elements of appropriate Internal Controls

Taking the STANDARDS Seriously

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

An overview of Internal Controls Structure & Mechanism

CGSB and Electronic Records

Presentation transcript:

Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International

A set of objective records and information management principles to achieve a measureable, consistent RIM structure, fully insulated from individual and organizational influence or bias.

a clear statement to guide:  CEOs in determining how to protect their organizations in the use of information assets  Legislators in crafting legislation meant to hold organizations accountable  Records management professionals in designing comprehensive and effective records management programs

Records and recordkeeping are inextricably linked with any organized activity. It is only through the information an organization records in the normal course of business that it can know what it has done and effectively plan what it will do in the future.

 A key resource in the operation of any organization  Used in a way that effectively supports the activity of that organization

 identify the critical hallmarks of information governance  apply to all sizes of organizations, in all types of industries, and in both the private and public sectors

 Accountability  Transparency  Integrity  Protection  Compliance  Availability  Retention  Disposition

A senior executive (or person of comparable authority) oversees the recordkeeping program and delegates program responsibility to appropriate individuals. The organization adopts policies and procedures to guide personnel and ensure the program can be audited.

The processes and activities of an organization’s recordkeeping program shall be documented in an understandable manner and be available to all personnel and appropriate interested parties.

A recordkeeping program shall be constructed so the records and information generated or managed by or for the organization have a reasonable and suitable guarantee of authenticity and reliability.

A recordkeeping program shall be constructed to ensure a reasonable level of protection to records and information that are private, confidential, privileged, secret, or essential to business continuity.

The recordkeeping program shall be constructed to comply with applicable laws and other binding authorities, as well as the organization’s policies.

An organization shall maintain records in a manner that ensures timely, efficient, and accurate retrieval of needed information.

An organization shall maintain its records and information for an appropriate time, taking into account legal, regulatory, fiscal, operational, and historical requirements.

An organization shall provide secure and appropriate disposition for records that are no longer required to be maintained by applicable laws and the organization’s policies.

 gives a more complete picture of what effective information governance looks like.  Based on the eight GARP ® principles as well as a foundation of standards, best practices, and legal/regulatory requirements Registered Trademark of ARMA International

 Level 1 (Sub-standard)  Level 2 (In Development)  Level 3 (Essential)  Level 4 (Proactive)  Level 5 (Transformational)

Describes an environment where recordkeeping concerns are either not addressed at all, or are addressed in a very ad hoc manner.

Describes an environment where there is a developing recognition that recordkeeping has an impact on the organization, and that the organization may benefit from a more defined information governance program.

 describes the essential or minimum requirements that must be addressed in order to meet the organization's legal and regulatory requirements  characterized by defined policies and procedures, and more specific decisions taken to improve recordkeeping

 describes an organization that is initiating information governance program improvements throughout its business operations  information governance issues and considerations are integrated into business decisions on a routine basis,  the organization easily meets its legal and regulatory requirements

describes an organization that has integrated information governance into its overall corporate infrastructure and business processes to such an extent that compliance with the program requirements is routine.

Identify the gaps between the organization's current practices and the desirable level of maturity for each principle. Assess the risk(s) to the organization, based on the biggest gaps. Determine whether additional information and analysis is necessary. Develop priorities and assign accountability for further development of the program.

 Where are you?  Where would we like to be?  What is your Strategic Approach?

 ISO Information and Documentation-Records Management-Part 1: General  ISO/TR Information and Documentation-Records Management-Part 2: Guidelines  Records and Information Management Core Competencies

 GARP  GARP Maturity Model  GARP ® Health Checkup  Webinars (free for ARMA members)

Other GARP Education from ARMA (fee discount for ARMA members) Online Course: Generally Accepted Recordkeeping Principles® Overview onlinecourses/garp.cfm

Comments