>So, if an IT manager asked you "What does records management have to do
>with information security?" how would you answer him/her?

In my lectures on the topic, I emphasize that IS usually ignores paper 
records and knowledge in the heads of the employees. RM ensures the security 
of the former and to a degree (sometimes together with HR etc.) of the 
latter.

The information sometimes is well-protected in the e-form (with access 
rights granularity at level of separate records) but easy to obtain in the 
paper archive – because access controls are not aligned.

As ISO 27002:2005 "Code of practice for information security management" 
says (sec.0.1) "Information can exist in many forms. It can be printed or 
written on paper, stored electronically, transmitted by post or by using 
electronic means, shown on films, or spoken in conversation. Whatever form 
the information takes, or means by which it is shared or stored, it should 
always be appropriately protected."

Regards,
Natasha 

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]