A must for agencies or a candidate for deletion: A grounded theory investigation of the relationships between records management and information security
ISSN: 0956-5698
Article publication date: 14 January 2019
Issue publication date: 7 March 2019
Abstract
Purpose
This paper aims to report on a study that aimed at analyzing the relationships between information security and records management (RM), both as programs/functions established in organizations. Similar studies were not found in relevant literature.
Design/methodology/approach
The study used the classic grounded theory methodology. Pursuing the general curiosity about the information security-RM relationship in organizations, the study selected the United States (US) Federal Government as its field of entrance and followed the process of the classic grounded theory methodology that starts from the letting of the emergence of the research question to the formulation of a substantive theory that answered the question.
Findings
On the emergent question that why, despite the legislative establishment of agency RM programs and the use of the term records in their work, the US Federal Government information security community considered RM a candidate for deletion (CFD), the study coded the truncated application of the encompassing definition of records as the underlying reason. By this code, along with its three properties, i.e. limitations by the seemingly more encompassing coverage of information, insufficient legislative/regulatory support and the use of the terms of evidence and preservation in the records definition, the CFD consideration and the associated phenomena of unsound legislative/regulatory conceptualization, information shadow, information ignorance and archival shadow were explained.
Research limitations/implications
The study results suggested the data for subsequent theoretical sampling to be the operational situations of individual agency RM programs.
Practical implications
The rationale presented in the study regarding the encompassing nature of records and the comprehensive scope of RM program can be used for building strong RM business cases.
Originality/value
The study appears to be the first of its kind, which examined the RM–information security relationship in a very detailed setting.
Keywords
Acknowledgements
This study is supported by the Fundamental Research Funds for Central Universities and the Research Funds of Renmin University of China (15XNL032).
Citation
Xie, S.L. (2019), "A must for agencies or a candidate for deletion: A grounded theory investigation of the relationships between records management and information security", Records Management Journal, Vol. 29 No. 1/2, pp. 57-85. https://doi.org/10.1108/RMJ-09-2018-0026
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited