Records Management

Policy & Guidance

COMMERCIALISM
INTEGRITY
STEWARDSHIP
COMMERCIALISM
INTEGRITY
STEWARDSHIP

Document Control

Document Details
Author Nigel Spencer
Company Name The Crown Estate
Department Name Information Services
Document Name Records Management Policy
Version Date 28/09/12
Effective Date 1 November 2012
Version 1.3
Issue THREE
May 2007

Change Record
Modified Date Author Version Description of Changes
14/07/2009 N Spencer 1.0 Comments addressed and minor format changes

23/05/2011 S Smith 1.1 Reviewed on behalf of Service Desk

25/05/2011 A R Last 1.2 Reviewed by M Brazier & A R Last

28/09/12 A R Last 1.3 Annual review

Stakeholder Sign–off
Name Position Signature Date
Nigel Spencer Information Services Manager May 2011
Martin Brazier Knowledge Manager May 2011
Nigel Spencer Head of IS September 2012
Martin Brazier Knowledge Manager September 2012

Security Sign-off
Name Position Signature Date
Adrian Last Business Support Manager May 2011
Adrian Last ISMS Manager September 2012

1
COMMERCIALISM
INTEGRITY
STEWARDSHIP

Table of Contents
1. Policy Purpose 3
2. Introduction 3
2.1. What are records? 3
3. Organisational Arrangements 5
3.1. Lead Responsibility 5
3.2. Responsibility of Heads of Business Units 5
3.3. Information Asset Owners 5
3.4. Responsibility for Change Management 5
3.5. General Roles and Responsibilities 5
4. Records Systems 5
4.1. Information Classification 5
4.2. Choosing Where to Store Records 5
5. Storage of Paper Records 6
5.1. New Paper Records 6
5.2. Legacy Paper Records and SAPA 6
5.3. Items on Loan from The National Archives 6
6. Security of Records 7
6.1. Access Control 7
6.2. Collection of Evidence of Security Breaches 7
7. Retention and Disposal 8
7.1. General Principles 8
7.2. Making Disposal Decisions 8
7.3. Implementing Disposal Decisions 8
7.4. Documenting Destruction 8
8. Records Created by Partners 8
8.1. Typical Contract Requirements 8
8.2. Collection of Evidence of Security Breaches 9
9. Review of Records for Transfer to The National Archives 9
9.1. Selection of Records for Permanent Preservation 9
9.2. Determining the Access Status of Records 9
9.3. Transfer of Public Records 10
10. Compliance 10
10.1. Monitoring and Reporting 10
11. Review of Records for Transfer to The National Archives 11
11.1. Selection of Records for Permanent Preservation 11
11.2. Determining the Access Status of Records 11
11.3. Transfer of Public Records 12

2
COMMERCIALISM
INTEGRITY
STEWARDSHIP

Table of Contents (Cont.)

12. Compliance 12
12.1. Monitoring and Reporting 12
13. User Awareness 12
14. Incident Reporting 12
15. Disciplinary Process 12
16. Deviations From Policy 12
17. Glossary Of Terms 12
Appendix A – List Of Related Documents, Procedures And Processes 13

3
COMMERCIALISM
INTEGRITY
STEWARDSHIP

1. Purpose
The aim of this policy is to ensure that employees and agents and advisers are aware of their
responsibilities when managing records belonging to The Crown Estate and has been written to
support the Management Board Statement below:
“We recognise that records management is vital to our business. Effective records management will
help us to ensure we have the right information at the right time to make the right decisions. It will
provide evidence of what we do and why, thereby protecting our interests.
We recognise that records and the information they preserve are essential corporate assets.
By implementing this policy, we aim to balance our commitment to integrity, openness and
transparency with our commercial and stewardship responsibilities.
We will provide supporting standards, procedures and guidelines, and monitor compliance with
May 2007

them. We will review this policy annually or whenever a significant change is being planned, and
we will keep it up to date.”

2. Introduction
Managing Crown Estate records to agreed standards is essential if those records are to be available
and used in the future. Freedom of information and data protection legislation has put greater
emphasis on our obligation to maintain a corporate memory securely and to make information
available to the public as appropriate. All records need to be managed in line with legal, business
or heritage obligations and be accessible, accurate, in good condition and either held permanently
or disposed of in a timely fashion, as appropriate. Furthermore, adequate records management
ensures the security of our information and is an enabler for accreditation under ISO27001.
All employees, advisers and agents should be aware of the value of the Crown Estate records they
create or manage, and relevant legislation and regulations governing their use and retention.
This policy defines the way Crown Estate records and information should be managed to standards
which ensure that vital and important records are identified, that the business holds records
that are necessary, sufficient, timely, reliable and consistent with business need, and that legal
and regulatory obligations are met. It also defines the roles and responsibilities for the creation,
safekeeping, access, change and disposition of information.
2.1. What are records?
Records provide a history in detail of an issue, matter, dealing, transaction, project, initiative or
decision. Any type of document, data and information in any format can be a record, including
paper, electronic files, emails, presentations, scanned images, spreadsheets and models. It is
important that all evidence is recorded to show the build-up and background to outcomes.
A record is not just the final report or product. To use an analogy with paper file systems, it
is important to include draft versions, correspondence, memos, notes and comments – the
metaphorical pencilled notes in margins - which all help to tell the story and retain the corporate
‘memory’. In the electronic world, we must strive to retain and secure all related information in
such a way that it is holistic and in context.

4
COMMERCIALISM
INTEGRITY
STEWARDSHIP

3. Scope
The scope of this policy applies to:
• The Crown Estate’s personnel, temporary staff, contractors and service providers utilising The
Crown Estate’s information system resources; and
• Information system resources, including data networks, LAN servers and personal computers
(stand-alone or network-enabled) located at The Crown Estate and non-Crown Estate locations,
where these systems are under the jurisdiction and/or ownership of The Crown Estate, and any
personal computers and/ or servers authorised to access The Crown Estate’s data networks.
Personal mobile devices such as Blackberrys and laptops provided by The Crown Estate are also
included. Third parties shall also adhere to this policy.
• All corporate records, whether in paper or electronic format. May 2007

4. Policy
4.1. Policy statement
The Crown Estate’s records are assets essential to The Crown Estate’s business and its dependency
on these assets to meet its statutory obligations demands that appropriate levels of records
management be instituted and maintained. It is The Crown Estate’s policy that appropriate
organisational arrangements (see Section 5 below) and processes (Sections 6 to 9) are
implemented to ensure its records are maintained in a systematic and orderly fashion, protected
against accidental or malicious destruction, damage, modification or disclosure, and to maintain
appropriate levels of confidentiality, integrity and availability of its records.
4.2. Policy objectives
The objectives of this policy with regard to records management are to:
• Ensure that comprehensive records are readily available as a corporate memory to enable The
Crown Estate to conduct its business in an effective way
• Enable The Crown Estate to meet its statutory obligations;
• Minimise reputation exposure, which may result from ineffective records management.
4.3. Policy overview
The Crown Estate’s records are important business assets. Appropriate systems are required to
ensure that sufficiently comprehensive and complete records are kept to enable The Crown Estate
to maintain a corporate memory sufficient to meet its statutory obligations. Users should be made
aware of the dangers of inadequate record keeping.
4.4. Policy maintenance
Supporting standards, guidelines and procedures will be issued on an ongoing basis by The Crown
Estate. Users will be informed of any subsequent changes or updated versions of such standards,
guidelines and procedures by way of e-mail or other relevant communication media. Users shall
then have the obligation to obtain the current information systems policies from The Crown Estate
Intranet or other relevant communication media on an ongoing basis and accept the terms and
conditions contained therein.

5
COMMERCIALISM
INTEGRITY
STEWARDSHIP

5. Organisational Arrangements
5.1. Lead Responsibility
The Management Board recognises the importance of records management as a core corporate
function, as part of a wider knowledge management function. This responsibility covers records
in all formats throughout their lifecycle, from planning and creation through to disposal and
includes records managed on our behalf by external partners. Allocation of lead responsibility
for the records and information management function is designated to the Director of Finance
and Information Systems to act as a records management champion. Operational responsibility is
designated to the Knowledge Manager.
5.2. Responsibility of Heads of Business & Support Groups
Heads of business and support groups are responsible for ensuring that adequate records are kept
May 2007

of the activities for which they are accountable. Roles and responsibilities for records management
and information security will form part of staff induction procedures (including temporary staff,
contractors, secondees and consultants) to ensure that all staff are aware of the business’s records
management policies, standards, procedures and guidelines and understand their personal
responsibilities. Heads of business groups are responsible for ensuring that their staff know how
they apply to their business or support groups. General responsibilities will be included in Personal
Scorecards, with more detailed objectives set for those with a more specific role in record keeping.
5.3. Information Asset Owners
Heads of business and support groups are the “information asset owners” for the information
generated or used in their area of responsibility.
5.4. Responsibility for Change Management
Records management issues will be considered when planning or implementing IT systems, when
extending staff access to new technologies and during re-structuring or major changes to the
organisation.
5.5. General Roles and Responsibilities
Management Board – board level responsibility for ensuring compliance with this policy lies with
the Director of Finance and Information Systems. Individual Management Board members have
responsibility for ensuring that their heads of business units follow procedures and guidance,
comply with the records management policy and standards, and that records management is
carried out in accordance with those procedures.
Knowledge Management Team – this team has the following responsibilities:
• ensure that the records management policy and standards are kept up to date and relevant;
• raise staff awareness of records management issues;
• provide advice and guidance to heads of business units and staff;
• audit compliance with the records management policy and associated standards;
• develop and maintain retention and disposal schedules and document disposal activity.
Heads of Business & Support Groups – are responsible for taking the lead on records management
issues in their areas of responsibility, and ensuring that procedures and guidance are in place
which support the records management policy and associated standards.
All staff – all staff who receive, create, maintain, use or delete records are responsible for ensuring
that they do so in accordance with this policy.
6
COMMERCIALISM
INTEGRITY
STEWARDSHIP

6. Records Systems
6.1. Information Classification
The Protective Marking System (often referred to as the Government Protective Marking System/
Scheme or GPMS) is the Government’s classification system to ensure that access to information
and other assets is correctly managed and safeguarded to an agreed and proportionate level
throughout their lifecycle, including creation, storage, transmission and destruction. The system is
being adopted by The Crown Estate to ensure good business practice and meet the requirements
of relevant legislation and regulation. It is a means of protecting information from accidental or
deliberate compromise or disclosure. As staff at The Crown Estate generate and handle sensitive
or confidential documents, they must apply the Protective Marking System, and the necessary
May 2007

controls and technical measures as detailed in the Information Classification and Data Handling
Policy.
6.2. Choosing Where to Store Records
For many specialist types of records there will be an obvious and dedicated repository. For
example, financial and purchase-to-pay records will be stored in Agresso, and some HR records in
Snowdrop. However, the majority of records are created by standard desktop applications such as
Word, Excel, Powerpoint etc. It is the storage of the records created by these generic applications
that requires greater levels of advice and guidance.
6.2.1. Personal Storage – Portable Media
Portable media (memory sticks) are provided for users to store small quantities of information
which needs to be mobile or intended for sharing with others. Portable media must not be used
to store any information which does not exist as a record on a Crown Estate computer system.
Information on a memory stick must be considered as ‘in transit and dispensable’ and transferred
as a record as soon as is practicable. Portable media must be encrypted. Crown Estate records
must not be transferred to CD or DVD.
6.2.2. Personal Storage – The U: Drive
The U: drive is provided for users as a short term area to store personal and rough draft
information. For example, users might choose to keep working copies of their personal scorecards
or expenses. However, the U: drive must not be used to keep corporate records.
6.2.3. Shared Storage – The S: Drive
The S: drive stores archived material, and cannot be used to store new records. Some transient
information may be stored there by exception and prior arrangement. The S: drive must not be
used to keep records.
6.2.4. Corporate Document & Records Management System – Wisdom
Wisdom is the corporate document and records management system and is provided for users
to store information which forms the corporate record; that is the corporate ‘memory’ of the
work of the organisation. Wisdom provides adequate security of access, implements Protective
Marking and provides an audit trail and version control for the evolution of documents. It also has
appropriate functionality to specify and implement retention and disposal schedules and to review
records under the Public Records Act.

7
COMMERCIALISM
INTEGRITY
STEWARDSHIP

7. Storage of Paper Records

7.1. New Paper Records
The Crown Estate no longer keeps paper records as a matter of course. There are exceptions, such
as title deeds, contracts and signed agreements.
Individuals must not keep their own private or personal paper files of corporate information –
corporate paper documents (such as incoming letters) must be scanned and placed into Wisdom
and the originals securely destroyed.
7.2. Legacy Paper Records and SAPA
Legacy paper documents are held in an offsite store at Peterborough, run by Document Control
Services Limited (DCS). Physical security arrangements for those records vary according to need
– title deeds, for example, are held in vacuum sealed packets in fire safes. The content of the
May 2007

external store can be interrogated using the SAPA application, accessible from the home page of
The Crown Estate Intranet, ‘i-Site’. From SAPA, users can request the transfer of an item or request
that it is scanned. Proactive scanning of frequently-used files is undertaken monthly, and the
scanned images placed on Wisdom.
Records that are recalled from the store are delivered to the requester, and remain in their
safekeeping until returned. Requesters will be permitted to retain a file for up to three weeks, after
which it must be returned. If a file is needed for longer than three weeks, the file will be scanned
and made available through Wisdom. Original paper files will only be released for longer than
three weeks in special circumstances.
Files must not be despatched directly to an external party such as a managing agent or law firm.
Any file required by external bodies must be passed to the Knowledge Management team so that
its intended location can be recorded on the SAPA System, and preferably scanned.
7.3. Items on Loan from The National Archives
Items held at The National Archives should be requested through the Knowledge Management
Team. Items on loan from The National Archives will be immediately assessed to determine
whether they contain the information required, and if so, scanned and the original returned as
soon as possible. Once items have been transferred to The National Archives they are no longer
Crown Estate property and they must therefore be kept safely when in The Crown Estate’s
possession and returned as soon as possible.

8. Security of Records
8.1. Access Control
Records will be stored securely and access to them will be controlled. Storage arrangements,
handling procedures and arrangements for transmission of records reflect accepted standards and
good practice in information security. Access control will be applied in two ways – general access
control and specific control using protective marking.
Ease of access will depend on the nature and sensitivity of the records, although the presumption
will be to open internal access. Access restrictions will be applied when necessary to protect the
information concerned and security should be kept up to date with access control removed when
information is no longer sensitive. Particular care should be taken with personal information
about living individuals in order to comply with the 7th data protection principle, which requires
precautions against unauthorised or unlawful processing, damage, loss or destruction. Particular
care should be taken with information bearing a protective marking, and should be handled in
8
COMMERCIALISM
INTEGRITY
STEWARDSHIP

accordance with the Information Classification and Data Handling Policy. Other information,
such as information obtained on a commercially confidential basis, may also require particular
protection.
8.2. Collection of Evidence of Security Breaches
To allow follow-up action after a breach of information security, evidence should be collected,
retained and presented. In general, the rules for evidence cover admissibility of evidence (whether
or not the evidence can be used in court) and weight of evidence (the quality and completeness of
evidence). Documents stored in Wisdom are likely to meet the rules for evidence, as access control
and audit trails are embedded functionality.

9. Retention and Disposal May 2007

9.1. General Principles

As a general principle, records should be kept for as long as they are needed - for reference or
accountability purposes, to comply with regulatory requirements or to protect legal and other
rights and interests. Destruction at the end of this period ensures that office and server space
are used resourcefully and costs are not incurred in maintaining records that are no longer
required. For records containing personal information it also ensures compliance with the fifth
data protection principle which requires that personal data is kept only for as long as it is needed.
Removing records that are no longer required also improves the likelihood and speed of retrieving
retained records.
Records should not be kept after they have come to the end of their retention period unless:
• They are known to be the subject of litigation or a request for information. If so, destruction
should be delayed until the litigation is complete or, in the case of a request for information, all
relevant complaint and appeal provisions have been exhausted;
• They have long-term value for historical or research purposes and have been or should be
selected for permanent preservation;
• They contain or relate to information recently released in response to a request under the
Freedom of Information Act. This may indicate historical value and destruction should be
delayed while this is re-assessed;
• They relate to the state of existing property and will be kept until the state changes or the
property is sold.
9.2. Making Disposal Decisions
Disposals of records should be undertaken only in accordance with the Retention and Disposal
Schedules, which identify and describe records to which a pre-defined disposal action can be
applied, for example destroy x years after [trigger event]; review after y years, transfer to archives
for permanent preservation after z years. Asset owners (i.e. heads of business and support groups)
must identify a “Reviewer” who can make disposal decisions at the end of retention periods on
behalf of their group.
If any records are not covered by a Retention and Disposal Schedule, special arrangements should
be made to review them and decide whether they can be destroyed or should be selected for
permanent preservation. Decisions of this nature should be documented and kept to provide
evidence of which records have been identified for destruction, when the decision was made, and
the reasons for the decision, where this is not apparent from the overall policy.
9
COMMERCIALISM
INTEGRITY
STEWARDSHIP

9.3. Implementing Disposal Decisions

Disposal decisions should be implemented by the appropriate reviewer or the Knowledge
Management Team. Records scheduled for destruction should be destroyed in as secure a manner
as required by the level of confidentiality or protective security markings they bear. For example,
records containing personal information about living individuals should be destroyed in a way
that prevents unauthorised access (this is required to comply with the seventh data protection
principle). With digital records it may be necessary to do more than overwrite the data to ensure
the information is destroyed.
When destruction is carried out by an external contractor, the contract should stipulate that the
security and access arrangements established for the records will continue to be applied until
destruction has taken place, and that the destruction will be certified.
In some cases there will be more than one copy of a record. For example, there are likely to be
May 2007

back-up copies of digital records, or there may be digital copies of paper records. A record cannot
be considered to have been completely destroyed until all copies, including back-up copies, have
been destroyed, if there is a possibility that the data could be recovered.
9.4. Documenting Destruction
Details of destruction of records should be kept, either as part of the audit trail metadata or
separately. This is done automatically for electronic files reviewed through Wisdom. Ideally, some
evidence of destruction should be kept indefinitely because the previous existence of records may
be relevant information. At the very least it should be possible to provide evidence that as part of
routine records management processes destruction of a specified type of record of a specified age
range took place in accordance with the Retention and Disposal Schedule.

10. Records Created by Business Partners

10.1. Typical Contract Requirements
When The Crown Estate is working in partnership with other organisations, sharing information
and potentially contributing to a joint records system, contractual arrangements should include,
where possible, protocols that specify:
• What information should be contributed and kept, and by whom;
• What level of information security should be applied;
• Who should have access to the records;
• What disposal arrangements should be in place;
• What happens at the end of the contract with regard to records;
• Which body holds the information for the purposes of FOI.
Instructions and training should be provided to all those involved in such collaborative working.
Record management controls should be applied to information being shared with or passed
to other bodies. Particular protection should be given to confidential or personal information.
Protocols should specify when, and under what conditions, information will be shared or passed,
and details should be kept of when this information has been shared or passed. Details should be
kept also of how undertakings given to the original source of the information have been respected.

10
COMMERCIALISM
INTEGRITY
STEWARDSHIP

11. Review of Records for Transfer to The National Archives

11.1. Selection of Records for Permanent Preservation
The Public Records Acts of 1958 and 1967 and the subsequent Dacre review place upon The Crown
Estate a requirement that we assess all our records before they are 20 years old, unless they have
been routinely destroyed as part of a retention and disposal policy. The review is to determine
whether the records can be destroyed or passed to The National Archives for permanent
preservation. Records can only be retained after this period in exceptional circumstances, and then
only with the approval of the Lord Chancellor.
To enable review, it is important that records are accurate, complete, kept together and in context.
It is also important that related record sets can be reviewed together.
In the context of the Public Records Acts and the Dacre Review, ‘records’ means both paper and
May 2007

electronic records.
11.2. Determining the Access Status of Records
When preparing public records for transfer to The National Archives the access status of those
records should be considered in order to:
• Consider which information must be available to the public on transfer because no exemptions
under FOI or EIR apply;
• Consider whether the information must be released in the public interest, notwithstanding the
application of an exemption under FOI or EIR;
• Consider which information must be available to the public at 30 years because relevant
exemptions in FOI have ceased to apply;
• Consider which information should be withheld from public access through the application of an
exemption under FOI or EIR.
Consultation will take place, both within the business and with other organisations that might be
affected by the decision, such as the original suppliers of the information.
If the outcome of the review is that records are to be transferred as open, there will be no formal
review of this designation by The National Archives. If the outcome of the review is identification
of specified information which ought not to be released under the terms of FOI or EIR, a scheduled
should be prepared that:
• Identifies the information precisely;
• Cites the relevant exemption(s);
• Explains why the information may not be released;
• Identifies a date at which either release would be appropriate or the case for release should
be reconsidered.
The review must also consider whether parts of records might be released if the sensitive
information were redacted, i.e. rendered invisible or blanked out. Information that has been
redacted should be stored securely and should be returned to the parent record when the
exemption has ceased to apply.
The schedule should be submitted to The National Archives for review and advice prior to transfer.
If the outcome of the review is that some or all of the information in the records should be closed
after it is 30 years old, the schedule will be considered by the Advisory Council.

11
COMMERCIALISM
INTEGRITY
STEWARDSHIP

11.3. Transfer of Public Records

It is the responsibility of the Knowledge Management Team to ensure that those records
are adequately prepared and are transferred with the level of security appropriate to the
confidentiality of the information they contain.

12. Compliance
12.1. Monitoring and Reporting
Monitoring will be undertaken on a regular basis and the results reported to the person with lead
responsibility for records management at Management Board level, so that risks can be assessed
and appropriate action taken.
May 2007

13. User Awareness

Users shall be made aware of their responsibilities in the effective management of Crown Estate
records, including, but not limited to:
• The need to use The Crown Estate’s corporate records system (Wisdom) for the filing of all
business related information created by them;
• The need to ensure that any paper records held either by DCS or at The National Archives are
returned promptly when no longer required;
• The need to be aware of this policy and all its provisions.

14. Incident Reporting

All security incidents, including actual or potential unauthorised access to The Crown Estate’s
records, should be reported immediately to the ISMS Manager or Information Services Manager in
accordance with the Security Breach & Weakness Policy.

15. Disciplinary Process

The Crown Estate reserves the right to audit compliance with the policy from time to time. Any
disciplinary action, arising from breach of this policy, shall be taken in accordance with The Crown
Estate’s Rules and Disciplinary Code. Disciplinary action may ultimately lead to dismissal.

16. Deviations From Policy

Unless specifically approved, any deviation from this policy is strictly prohibited. Any deviation to
or non-compliance with this policy shall be reported to the ISMS Manager & Head of IS.

17. Glossary Of Terms

The terms used in this policy document are to be found in the ISMS Glossary of Terms.

12
COMMERCIALISM
INTEGRITY
STEWARDSHIP

Appendix A – List Of Related Documents, Procedures And Processes

May 2007

13