The UN Archives has developed this guidance to provide an overview of information risks in the context of managing records. It provides a snapshot of information and records risks and proposes potential risks mitigation strategies. This page also provides links to more detailed guidance on risks arising from managing sensitive information, as well as business continuity risks such as the damage or loss of records and information from disasters or major systems failure.
Understanding the information risks of a specific programme through a comprehensive assessment of its records and information management activities, allows offices to plan for their mitigation. A strong records management regime should be one of your primary risk-mitigation strategies. A risk-based approach to records and information management has the potential to deliver benefits, ranging from enhancing an Organisation’s performance to improving the strategic use of information. Managing records and information risk is also directly related the accountability of staff members and the Organization at large.
This guidance is intended for information and programme managers in information technology or substantive areas seeking to reinforce their information management capacity and the accountability framework for their core activities.
Overview of Information and Records Management Risks
- Managing records to manage information risks
- Checklist of potential information management risks and mitigation strategies (Operational risks)
- Towards and accountability system in the United Nations Secretariat (A/64/640:Page 22 )
- Presentation on managing information risks in peacekeeping operations
Guidance on Information Security Risks
An important aspect of managing risk is managing information security. Records and information are important assets of the United Nations, and sound procedures for the protection of the information sensitivity and security are critical for the proper management of the Organization’s records. Information sensitivity relates to the level of confidentiality of the information within the United Nations.
The appropriate handling of sensitive information is crucial to the success of the Organization and its operations throughout the world. Information security relates to the protection of the information, including access controls. Information security also ensures that the information is available when needed and that its integrity is maintained, i.e., that it is not altered or inappropriately disclosed.
- The Information Sensitivity Toolkit is a practical guide to ST/SGB/2007/6.
- Ensuring Records are Secure
- Understanding information sensitivity
- How do I protect sensitive information?
- How do I ensure records are secure?
Guidance on Business Continuity Risks
- How do I protect records from loss or damage?
- How do I protect records in an emergency?
- How do I know which records are vital?