Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.

Slides:



Advertisements
Similar presentations
Why an international standard on Record Management?
Advertisements

COSO I COSO II. Meycor COSO, a Comprehensive Solution for Enterprise Risk Management (ERM)
Module N° 4 – ICAO SSP framework
EMS Checklist (ISO model)
The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.
Introduction to Records Management Policy
What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
1 Auditing in the Public Interest Records Management in the Victorian Public Sector Audit objective Audit had two objectives : The first objective was.
Alaska Chapter of ARMA International Presented by: Dawn Kewan, ARMA Board Member & Treasurer February 6, 2014 Based on Generally Accepted Recordkeeping.
August th PASAI Congress ISSAI Workshop Sarah Lineham Assistant Secretary-General – PASAI, Sector Manager NZ OAG Image here August 2011.
London Compliance MiFID Overview BCS 25 th April 2005 Simon Barker Head of Regulatory Affairs BNP Paribas London branch.
How a Large Company Used the Principles to Establish its Corporate Information Governance Robin Woolen, MBA, IGP President / Principal.
Effective Information Governance Legal Tech Asia Technology Summit March 3, 2014 Marilyn Bier, CEO ARMA International.
Coping with Electronic Records Setting Standards for Private Sector E-records Retention.
Security Controls – What Works
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
First Practice - Information Security Management System Implementation and ISO Certification.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Internal Control and Internal Audit
SAFA- IFAC Regional SMP Forum
ISA 220 – Quality Control for Audits of Historical Financial Information
Preparing Scotland’s first Records Management Plan Ava Wieclawska Records Manager.
The Principles: How we incorporated them into our Business Process by Lawrie Barroner.
Success with Information Governance Mike EverleyLaurie FischerRobin Martin Second Vice PresidentManaging DirectorSecond Vice President AmeritasHuron Consulting.
Control environment and control activities. Day II Session III and IV.
Internal Auditing and Outsourcing
Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM or
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The New Information Governance.
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
Compliance Presented by: Marty McNulty, ARMA Board Member.
G17: Recordkeeping for Business Activities Carried out by Contractors Patrick Power, Manager Government Recordkeeping Programme Archives New Zealand.
Evolving IT Framework Standards (Compliance and IT)
Postgraduate Educational Course in radiation protection and the Safety of Radiation sources PGEC Part IV The International System of Radiation Protection.
Basics of OHSAS Occupational Health & Safety Management System
Principle of Protection By C’Les Jensema About ARMA International and the Generally Accepted Recordkeeping Principles® ARMA International (
Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
Agency Risk Management & Internal Control Standards (ARMICS)
Assess Your Organization's Information Governance using the Generally Accepted Recordkeeping ® Principles September,
Compliance with IOSCO requirements AMEDA Leadership Forum Alexandria Egypt Monday 27 th April 2009 by Dr. Ashraf EL Sharkawy Senior Advisor to the CMA.
General Principles for the Procurement of Goods and Services Asst. Prof. Muhammad Abu Sadah.
Holistic Approach to Security
Priscilla Emery President, ECM Scope.  What is Compliance?  What is GARP?  What is considered Best Practice in this area?  A Framework for Compliance.
Webinar for FY 2011 i3 Grantees February 9, 2012 Fiscal Oversight of i3 Grants Erin McHughJames Evans, CPA, CGFM, CGMA Office of Innovation and Improvement.
ISO Environmental Management Systems 1 ISO LEGAL AND OTHER REQUIREMENTS.
Generally Accepted Recordkeeping Principles: The Principle of Transparency Alaska Chapter of ARMA International Presented by: Tara Carey, ARMA Board Member.
A New Standard for Disposal Mark Crookston Senior Advisor Appraisal Government Recordkeeping Group.
ISO RECORDS. ISO Environmental Management Systems2 Lesson Learning Goals At the end of this lesson you should be able to:  Describe.
Peter Kurilecz crm ca igp
ICAJ/PAB - Improving Compliance with International Standards on Auditing Planning an audit of financial statements 19 July 2014.
Maximizing the Value of Information Information Governance As A Strategic Framework Presenter: Margaret Hermesmeyer, MLIS, IGP, CRM Division Chief Information.
Federal Information Security Management Act (F.I.S.M.A.) [ Justin Killian ]
Presenters: Margaret Hermesmeyer, MLIS, CRMKevin Waldrup, MBA, CRM Chief, Records Management Division Records Management Administrator Office of the Attorney.
Important acronyms AO = authorizing official ISO = information system owner CA = certification agent.
ARMA VI - NANAIMO 2016 David Young Records Management Archivist University of Victoria Electronic Records as Documentary Evidence CGSB‐72.34‐2015 (To supersede.
“The Role of CPSB and CASB in the Transformation and Growth of Counties” By CS Peterson Mwangi.
Governance, risk and ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.
#327 – Legal and Regulatory Risk: Silent and Possibly Deadly Deborah Frazer, CPA CISA CISSP Senior Director, Internal Audit PalmSource, Inc.
UW-Madison Guidelines for Managing the Records of Departing Employees*
Getting to Know Internal Auditing
GS-R-3 vs. ISO 9001:2008 Requirements - 4
Getting to Know Internal Auditing
Getting to Know Internal Auditing
Training Course on Integrated Management System for Regulatory Body
Getting to Know Internal Auditing
The Elements of appropriate Internal Controls
An overview of Internal Controls Structure & Mechanism
CGSB and Electronic Records
Presentation transcript:

Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International

a clear statement to guide:  CEOs in determining how to protect their organizations in the use of information assets  Legislators in crafting legislation meant to hold organizations accountable  Records management professionals in designing comprehensive and effective records management programs

Records and recordkeeping are inextricably linked with any organized activity. It is only through the information an organization records in the normal course of business that it can know what it has done and effectively plan what it will do in the future.

 A key resource in the operation of any organization  Used in a way that effectively supports the activity of that organization

 identify the critical hallmarks of information governance  apply to all sizes of organizations, in all types of industries, and in both the private and public sectors

 Accountability  Transparency  Integrity  Protection  Compliance  Availability  Retention  Disposition

A senior executive (or person of comparable authority) oversees the recordkeeping program and delegates program responsibility to appropriate individuals. The organization adopts policies and procedures to guide personnel and ensure the program can be audited.

The processes and activities of an organization’s recordkeeping program shall be documented in an understandable manner and be available to all personnel and appropriate interested parties.

A recordkeeping program shall be constructed so the records and information generated or managed by or for the organization have a reasonable and suitable guarantee of authenticity and reliability.

A recordkeeping program shall be constructed to ensure a reasonable level of protection to records and information that are private, confidential, privileged, secret, or essential to business continuity.

The recordkeeping program shall be constructed to comply with applicable laws and other binding authorities, as well as the organization’s policies.

An organization shall maintain records in a manner that ensures timely, efficient, and accurate retrieval of needed information.

An organization shall maintain its records and information for an appropriate time, taking into account legal, regulatory, fiscal, operational, and historical requirements.

An organization shall provide secure and appropriate disposition for records that are no longer required to be maintained by applicable laws and the organization’s policies.

 gives a more complete picture of what effective information governance looks like.  Based on the eight GARP ® principles as well as a foundation of standards, best practices, and legal/regulatory requirements Registered Trademark of ARMA International

 Level 1 (Sub-standard)  Level 2 (In Development)  Level 3 (Essential)  Level 4 (Proactive)  Level 5 (Transformational)

Identify the gaps between the organization's current practices and the desirable level of maturity for each principle. Assess the risk(s) to the organization, based on the biggest gaps. Determine whether additional information and analysis is necessary. Develop priorities and assign accountability for further development of the program.

 Where are you?  Where would we like to be?  What is your Strategic Approach?

 ISO Information and Documentation-Records Management-Part 1: General  ISO/TR Information and Documentation-Records Management-Part 2: Guidelines  Records and Information Management Core Competencies

 GARP  GARP Maturity Model  Webinars (free for ARMA members)

Other GARP Education from ARMA (fee discount for ARMA members) Online Course: Generally Accepted Recordkeeping Principles® Overview onlinecourses/garp.cfm

Comments