Information Audits: A Guidance Note

An information audit will help identify the information (regardless of format) held by the University, and also help identify and assess how that information is shared. The audit process will provide recognition and understanding of how the University operates in terms of administrative, legislative and regulatory requirements.  It will identify strengths and weaknesses in the management of records and information. Finally, the audit will highlight any actions and procedures that are required to ensure that information is readily and easily available to staff whenever they need it.

Why do we need an information audit?

There are a number of reasons to carry out an information audit, including:

  • Development of a records retention schedule
  • To prepare for an Electronic Document & Records Management System (EDRMS)
  • To prepare for an office move/relocation of service
  • To ensure compliance with legislation, i.e. General Data Protection Regulation, Freedom of Information (Scotland) Act 2002, Environmental Information (Scotland) Regulations
  • To reduce the unnecessary retention of information

The benefits

The potential benefits of the information audit will be felt at University, department, and staff level. These benefits include:

  • An increase in operational effectiveness, efficiency, and customer service through improved access to information
  • Easy identification of where information is stored, how it’s managed, and in what format it is held
  • Compliance with relevant legislation and regulation
  • Enhanced information security by knowing what is held and where
  • Development of records retention schedules, including the identification of information worthy of permanent preservation
  • Assistance in the rationalisation of space and storage, allowing more efficient use of space  Reduction of storage costs through the destruction of time-expired material, and the reduction of duplicate records and information
  • Identification of records and information that can be stored in alternative formats
  • Identification of information sharing opportunities

What the audit will achieve?

The audit will allow the following:

  • Development of bespoke and departmental specific retention schedules
  • Improved access to information
  • Creation of a complete and comprehensive picture of the information held by the relevant departments

The audit process

The information audit will be carried out through a series of interviews or discussions with key staff. Steps include:

  • A brief meeting with each Head of Department and/or relevant team members to discuss the information audit programme, the benefits to be realised, and the input required from members of staff.
  • Drawing up of a list of key staff to interview, including support staff and those with special responsibility for particular areas.
  • Circulation of guidance notes on the information audit those selected for interview
  • If required, attendance at a departmental meeting to briefly discuss the audit.
  • Identification of additional staff training requirements (records and information management, FOI & DP, email management, etc).
  • Scheduling of interviews (30- 40 minutes in duration).

Information gathered in these interviews will be used to make recommendations on the appropriate retention and disposal of records.