Managing Risk

The United Nations Archives and Records Management Section has developed this guidance to provide an overview of information risks in the context of records management. It provides a snapshot of information and records risks and proposes potential risk mitigation strategies. This page also provides links to more detailed guidance on risks arising from managing sensitive information, as well as business continuity risks such as the damage or loss of records and information from disasters or major systems failure.

Understanding the information risks of a specific programme through a comprehensive assessment of its records and information management activities, allows offices to plan for their mitigation. A strong records management regime should be one of your primary risk mitigation strategies. A risk-based approach to records and information management has the potential to deliver benefits, ranging from enhancing an Organization’s performance, to improving the strategic use of information. 

This guidance is intended for information and programme managers in information technology or substantive areas seeking to reinforce their information management capacity and the accountability framework for their core activities.


DPI Opens Archives to Press ahead of A/V Heritage Day

Department of Public Information (DPI) film and video archives, during a tour given to members of the press by the Department’s Audiovisual Services Section ahead of World Day for Audiovisual Heritage on 27 October.

Overview of Information and Records Management Risks


Guidance on Information Security Risks

An important aspect of managing risk is managing information security. Records and information are important assets of the United Nations, and sound procedures for the protection of the information sensitivity and security are critical for the proper management of the Organization’s records. Information sensitivity relates to the level of confidentiality of the information within the United Nations.

The appropriate handling of sensitive information is crucial to the success of the Organization and its operations throughout the world. Information security relates to the protection of the information, including access controls. Information security also ensures that the information is available when needed and that its integrity is maintained, i.e. that it is not altered or inappropriately disclosed.


Guidance on Business Continuity Risks


Risk Assessment Guidance