1. The Principles: Integrity
A recordkeeping program shall be constructed so
the records and information generated or
managed by or for the organization have a
reasonable and suitable guarantee of authenticity
and reliability.

2. Two components:
● Integrity of a record is directly related to the
ability to prove that a record is authentic and
unaltered.
● Authenticity requires proof that a document
comes from the person, organization, or other
legal entity claiming to be its author or
authorizing authority.

3. Integrity means:
● Correctness of and adherence to the policies
and procedures of the organization
● Reliability of the information management
training and direction given to the employees
who interact with all systems
● Reliability of the records created
● An acceptable audit trail
● Reliability of the systems that control the
recordkeeping including hardware, network
infrastructure, and software

4. How:
● Embodied in policies and procedures.
● Training of employees in proper adherence to
said policies and procedures.
● Consistent practices throughout records
lifecycle.
● Proper audit and QA processes.
● Maintenance of reliable systems.

5. Why:
● Reliable and authentic records lie at the heart
of the purpose for a recordkeeping program:
● Business decisions, regulatory, and legal all figure
here.
● Without appropriate processes, you can't trust the
records you keep.

6. Who:
● Company executives are ultimately responsible
for records as business assets.
● Investors and regulators expect integrity.
● Employees/record creators share responsibility
for integrity of records they create.

7. When:
● The principle applies broadly to any
recordkeeping program.
● It is especially important during the creation and
management of records, as well as in auditing and
QA processes.

8. Where:
● Any organization maintaining records, but
probably most especially those subject to legal
and regulatory oversight by third parties.

9. A word on the Maturity Model
● Level 1: Sub-standard: No defined policies or procedures for
ensuring authenticity of records.
● Level 2: In development: Some records are kept with respective
metadata, but no formal process for metadata storage.
● Level 3: Essential: Formal processes, metadata standards, and
goals for integrity of records in place.
● Level 4: Proactive: Clear definition for metadata standards for
all records, metadata standards address security, chain of
custody requirements.
● Level 5: Transformational: Formal standards in place for
introduction of new record-generating systems, controls and
audits in place, initial goals have been met and are mechanism
devised for regular review/revision.

10. Citation
● GenerallyAccepted Recordkeeping Principles ®, from ARMA International.
● Information Governance Maturity Model © 2010, ARMA International.
● About ARMA International and the Generally Accepted Recordkeeping Principles ®:
● ARMA International (www.arma.org) is a not-for-profit professional association and the
authority on managing records and information. Formed in 1955, ARMA International is the
oldest and largest association for the information management profession with a current
international membership of more than 10,000. It provides education, publications, and
information on the efficient maintenance, retrieval, and preservation of vital information
created in public and private organizations in all sectors of the economy. It also publishes
Information Management magazine, and the Generally Accepted Recordkeeping
Principles®. More information about the Principles can be found at
www.arma.org/principles.