Skip to content
contact us | home | accessibility


Google Custom Search
good practice and innovation
about us infoKits Tools & Techniques Publications Events
You are here: Home » infoKits » Records Management » Creation » How To Create Authentic Records
Records Management infoKit

Information Management


This infoKit is a strand within the Information Management resource. Use one of the following links to view more on a particular lifecycle phase.

Creating Authentic Records

The concept of provenance is a key aspect of records and archival management theory. It describes proof of the origin or source of something (in this case a record) and the chain of custody regarding whose hands it has passed through since.

Why Is This Important?

Capturing a record's provenance provides proof as to who the actors were in any given transaction or process and demonstrates that they had the appropriate authority to undertake it. It should also provide guarantees regarding the reliability of the content due to the known position and authority of the creator. Controlling and recording the 'chain of custody' then perpetuates these assurances throughout the remainder of its life. This issue is explored in more detail during the Active Use section of this infoKit.

How To Create Authentic Records

Given the importance of provenance to creating authentic records, it is vital that the institution has clearly defined processes surrounding the transactions1 it undertakes. This not only means knowing precisely how the transaction should be conducted, but also who should be involved within it and what their specific roles are. The JISC infoNet infoKit on process review should help institutions in this regard. As part of this exercise, it is important to identify what records will be created at which points in the process, thus closely associating each record to the process they are documenting.

It is often the case that systems which create structured data, such as relational databases, student record systems etc are better equipped to automatically control and capture record provenance. Access is usually via a password controlled login which validates the identity of the creator. Any records created or edited during that session will then be automatically associated to that particular user. The user's profile can also be used to determine what system rights they have access to and therefore what transactions they can undertake.

It can be more difficult to achieve this level of control with unstructured records such as text-based documents, spreadsheets etc. Measures to address this may include:

  • Limiting access to particular areas of the record storage facility (i.e. particular folders or areas of the file plan) to specific identified users
  • Creating official templates for use when creating specific record types (meeting minutes, project plans, annual review forms etc) and limiting access to them to certain identified users
  • Ensuring the document properties are picking up the correct authors name from their log in and/or making manual completion of the author field mandatory on document creation
  • Considering the use of biometric authentication systems to confirm the identity of the creator
  • Ensuring the 'header' metadata documenting the transfer information is retained with any emails saved outside of the email client

1 It should be noted that when we refer to 'transactions' this does not necessarily mean financial transaction. The term transaction can be used to describe the completion of any process and could equally apply to a holding a meeting, agreeing a project plan, appraising a member of staff or disciplining a student
Bookmark and Share
Link to the JISC Website

© 2012 Northumbria University, on behalf of JISC Advance
JISC infoNet is a JISC Advance service
This website is powered by Plone | Cookies Statement

Creative Commons

 JISC Advance logo
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)