On 6/13/05, Kirchner, Joseph <[log in to unmask]> wrote:
> I too am looking for a policy statement for a client. In addition does anyone have an audit program for a records retention policy?
The policy merely states what will be done, what you audit is the
processes and procedures that are developed from the policy. An audit
tests the procedures and finds the holes in them. For example an
auditor should be able to audit the records destruction process by
examining the authorization process to make sure all steps are
followed, while also testing the actual destruction process which
would include pulling records, verifying them, preparing for
destruction, pickup for destruction and the actual destruction act.
--
Peter Kurilecz
Richmond, Va
List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance