General Records Retention Schedule
Series Title Description Official Copy Retention Disposition Comments
Accreditation Records -
External
Reports made by accrediting associations,
recommendations by said committees, and
institutional responses to committee
observations and suggestions
University,
College, School,
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
POLICY LIBRARY
http://www.policy.ku.edu
CATEGORY: Information Access & Technology:
Introduction to KU General Records Retention Schedule
Record Class: General Administrative Records
Record Class: Accounting & Financial Records
Information Access; Privacy; Security
POLICY STATUS: APPROVED - January 15, 2009
REVISED/UPDATED - 4/17/09; 5/08/09; 4/22/10; 9/08/10; 2/10/11; 3/15/12
University of Kansas
Records Retention Schedule Mapping (Graphic)
Record Class: Information Technology Records
Record Class: GENERAL ADMINISTRATIVE RECORDS
Record Class: Legal Records
Record Class: Personnel Records (Faculty, Staff, Students)
Record Class: Student & Course Records
Record Class: Library Records
Page 1 of 29
Accreditation Reports
and Review Records -
Internal
Variety of documents relating to the
accreditation review process for the
separate colleges or professional
organizations to ensure that academic or
professional standards are met and
maintained
University,
College, School,
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Activity Report
Records/Job Flows
Internal documents used to compile
statistics on department activities: traffic
reports, activity logs, etc.
Department or
Office
Retain 2 fiscal years Secure destruction
Administrative Files
Central files documenting the daily
activities of an office. This does not
include record types specifically
identified elsewhere in this schedule.
Department or
Office
Retain until no longer
useful, then transfer to
the University Archives
for purging.
University
Archives
Annual Reports
Annual report of the activities of the
originating office or department
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Committee Records
Agendas, minutes, correspondence,
reports, etc. relating to committees, task
forces, commissions, and other standing
or ad hoc groups
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Conference Files
Documents relating to various
conferences sponsored by the university
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Correspondence &
Memos - Policy Related
Internal memos, e-mail, and other
correspondence that state or form the
basis for policy, set precedent, or record
important events in the operational and
organizational history of the university or
an office or department
Department or
Office
Retain 5 calendar years
or until no longer
useful, then transfer to
University Archives.
University
Archives
Page 2 of 29
Correspondence &
Memos - Routine
Incoming and outgoing letters,
memoranda, and email pertaining to
routine matters handled in accordance
with existing policy and procedures:
requests for information, letters of
transmittal, etc.
Department or
Office
Retain until no longer
useful, then destroy.
Secure destruction
Lectures - Visiting
Documents relating to lectures delivered
by visiting speakers.
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Policy Statements
Original copies of formal explanations of
department policies and procedures.
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Statistical Reports
Statistical records of university
activities/functions used in compiling and
publishing monthly, quarterly, and/or
annual reports.
Department or
Office
Retain until no longer
useful, then transfer to
the University Archives
for purging.
University
Archives
Strategic Planning Files
Variety of documents relating to the
strategic planning process
Department or
Office
Retain until no longer
useful or superseded,
then transfer to the
University Archives for
purging.
University
Archives
Public Relations
Materials
Clippings and press releases; documents
related to official functions; internally
produced newsletters, pamphlets, leaflets,
and brochures; documents
commemorating anniversaries, etc.; final
versions of department related speeches
and other formal public communications
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Photographic & Video
Materials
Photo-prints, negatives, slides, films,
videotapes, etc. This does not include
photographic or video materials
used/compiled for medical/research
purposes.
Department or
Office
Retain until no longer
useful, then transfer to
the University
Archives.
University
Archives
Page 3 of 29
Series Title Description Official Copy Retention Disposition Comments
Financial Statements
and Reports - External
This includes but is not limited to
statements and reports issued to the State,
bonding agencies and other financial
institutions, and federal agencies. The
supporting general ledger files and work
papers should be retained.
Comptroller’s
Office and
Office of
Research &
Graduate Studies
Retain permanently. Permanent
Tax Returns & Reports
This includes but is not limited to tax
returns filed with the Internal Revenue
Service, and state and local tax
authorities. This includes tax information
provided to the State and the Board of
Regents. The supporting work papers
should be retained.
Comptroller's
Office and
Office of
Research &
Graduate Studies
Retain 7 fiscal years. Secure destruction
Audit Reports & Work
papers - Internal
Internal Audit work products include
Audit Reports and Work papers for all
audit, investigation, and advisory service
projects - which may be in electronic or
hardcopy form.
Internal Audit
office
Retain 1 signed copy of
the final report
permanently. Work
papers are held 5 fiscal
years.
University
Archives/Secure
destruction
Audit work products are the
property of the university.
Internal Audit maintains
custody of all audit work
products, which are subject
to the retention requirements
set forth above.
Audit Reports & Work
papers - External
External Audit work includes, but is not
limited to, Audit Reports issued by the
State Legislative Post Audit, public
accounting firms, and tax authorities.
Internal Audit
office
Retain 7 fiscal years.
Keep final reports
issued by Legislative
Post Audit
permanently.
University
Archives/Secure
destruction
Audit work products are the
property of the university.
Internal Audit maintains
custody of all audit work
products, which are subject
to the retention requirements
set forth above.
Record Class: ACCOUNTING & FINANCIAL RECORDS
Page 4 of 29
Accounts Payable
Records
Documents related to the payment for
goods and services, including but not
limited to purchase orders, contracts,
invoices, vouchers, correspondence, and
subsidiary ledgers. This includes SOV
and Interfund transactions used to make
payments between university departments
and other State agencies. This also
includes transactions completed via
business procurement cards.
Comptroller's
Office, Office of
Research &
Graduate
Studies, and
Department or
Office
Retain 4 fiscal years. Secure destruction
Accounts Receivable
Records
Documents related to the assessment,
billing, and collection of amounts due to
the university, including but not limited to
fee schedules, contracts, collection
efforts, correspondence, and subsidiary
ledgers. This includes SOV and Interfund
transactions used to make payments
between university departments and other
State agencies. This also includes
transactions completed via merchant
credit cards.
Comptroller's
Office, Office of
Research &
Graduate
Studies, and
Department or
Office
Retain 4 fiscal years. Secure destruction
Asset Records
Documents related to the purchase,
maintenance, repair, improvement, and
depreciation of capital assets.
Comptroller’s
Office and
Office of
Research &
Graduate Studies
Retain for the life cycle
of the related asset plus
1 year, then destroy.
Secure destruction
Payroll Records
These records are required for the
traditional payroll, including tax and
immigration status, and funding of
positions. Much of this information is
shared with the State's Payroll.
Comptroller's
Office, Office of
Research &
Graduate
Studies, and
Department or
Office
Retain 5 years after
termination of the
employee, then destroy.
Secure destruction
Page 5 of 29
Student Financial
Records
These records support the student's
financial account with the university.
They include tax and immigration status;
assessment, billing and collection
information; and FERPA-related
information.
Comptroller's
Office and
Offices of
Student Success
Retain for 4 fiscal years
after date of graduation
or last attendance, then
destroy.
Secure destruction
KU Card
These records include employee and
student information as well as financial
information if the individual has opted to
use the debit card function of the KU
Card.
KU Card Center
Retain until employee
or student leaves the
university.
Secure destruction
Machine-produced files
Master files produced by business
machines during accounting, including
but not limited to PeopleSoft and DEMIS
databases, stand-alone accounting
software hosted by departments, and
interfaces with the State and other
external parties.
Comptroller’s
Office, Office of
Research &
Graduate
Studies, Office
of Institutional
Research &
Planning, and
Information
Technology
Retain 4 fiscal years. Secure destruction
Cash Management
Records
Records to manage business with all types
of financial services providers, including
cash, check, credit card, and other forms
of receipt and payment transactions. This
includes, but is not limited to bank
statements and reconciliations, deposit
registers, and check registers.
Comptroller’s
Office and
Office of
Research &
Graduate Studies
Retain 4 fiscal years. Secure destruction
Budget Preparation
Files - Annual
Documents used in the preparation of
annual university and department budgets,
including but not limited to budget
requests, and final forecasts and analyses
Budget Office,
Comptroller’s
Office, Office of
Research &
Graduate
Studies, and
Department or
Office
Retain 5 fiscal years,
then contact University
Archives for appraisal.
Securely destroy if
not accepted by the
University
Archives.
Page 6 of 29
Bid Records
Documents related to procuring goods
and services, including but not limited to
requests for proposals, requests for
information, bids, quotations, and
estimates
Comptroller’s
Office and
Office of
Research &
Graduate Studies
Retain 4 fiscal years. Secure destruction
Purchase Orders
Purchase orders used by both the
university's Central Purchasing Offices
and departments to request purchases of
goods and services. This includes but is
not limited to contracts and agreements,
and subsidiary ledgers. See also Bid
Records.
Comptroller’s
Office and
Office of
Research &
Graduate Studies
Retain 4 fiscal years. Secure destruction
Grant Files - Funded
Documents relating to applications for
federal, state, and private grants and to
the implementation of those received
Office of
Research &
Graduate Studies
and research
centers, and
Department or
Office
Retain for 5 years after
final payment, then
destroy financial
records. Transfer
remaining documents to
University Archives.
University
Archives
Grant Files - Unfunded
Applications and supporting
documentation relating to federal, state,
and private grants that were submitted but
not funded
Office of
Research &
Graduate Studies
and research
centers, and
Department or
Office
Retain electronic copy
until no longer useful,
then archive. Hard
copy proposals are
returned to the
Principal Investigator
(PI) or destroyed
dependent upon their
instruction.
University
Archives
Series Title Description Official Copy Retention Disposition Comments
Record Class: LEGAL RECORDS
Page 7 of 29
Grievance &
Administrative Hearing
Files
Documents relating to actions taken by or
against employees or students. Includes
records of grievances, hearings, and
appeals
Department
responsible for
the action or
proceeding.
Retain for 5 years after
case is closed or until
no longer useful
(whichever period is
longer), then transfer to
University Archives for
purging.
University
Archives
Litigation Records
Documents and reference materials
(including court transcripts) regarding
cases litigated by the Office of the
General Counsel or outside counsel for
the university
Office of the
General Counsel
or outside
counsel, if
engaged.
Retained by the Office
of the General Counsel
or outside counsel until
no longer useful, then
destroy.
Secure destruction
Legal - Deeds for Real
Estate
Documents pertaining to ownership of
real property
Office of the
General Counsel
Retain permanently. Permanent
Original copy forwarded by
the Office of the General
Counsel to Board of Regents
per Board of Regents policy.
Easements Easements for the use of real estate
Office of the
General Counsel
Retain permanently. Permanent
Legal - Vehicle
Ownership Records
Legal documents pertaining to ownership
of department vehicles, including titles
Comptroller’s
Office
Retain for 5 years after
ownership terminated,
then destroy.
Secure destruction
Legal - Contracts
Legal agreements with individuals/entities
and associated documents (DA-146
series)
Department or
Office
Retain for 5 years after
the close of contract,
then destroy.
Secure destruction
Sponsored research
agreements and research
licensing agreements
involving KU technology are
generally kept at KUCR or
at KUCTC.
Legal - Patents,
Trademarks and
Copyright
Documents relating to Patent, trademark,
and copyright registrations or the original
documents themselves
Office of the
General Counsel
Retain for 5 years after
expiration of patent or
registration, then
transfer to University
Archives.
University
Archives
Page 8 of 29
Legal - Investigation or
Inspection Reports
Reports of findings associated with
investigations of complaints or incidents,
and/or reports of inspections made that
can include identifying information,
general inspection results, and remarks
Department or
Office
Retain for 5 years after
inspection or the close
of the investigation,
then destroy.
Secure destruction
Medical Records
Patient/client medical or treatment
records of campus clinics, mental health
facilities, and Watkins Memorial Health
Center
Department or
Office
Retain 10 years beyond
age 21, deceased, or
case closed, then
destroy.
Secure destruction
Series Title Description Official Copy Retention Disposition Comments
Employee Evaluation
Form and records
regarding disciplinary
actions
Documentation on an individual
employee's work progress or problems
and other records regarding disciplinary
action
HREO (USS)
Dept. Provost,
VP, Deans'
offices for other
types of
employees
Retain 62 years after
termination of
employment, then
destroy.
Secure destruction
If non-USS employees'
evaluations are sent to
HREO, they will be retained
in the Employee Personnel
File.
Teaching Performance
Evaluations
Final course evaluations by students; peer
teaching evaluations as conducted by unit
Department or
Office
Retain 62 years after
termination of
employment, then
destroy.
Secure destruction
Upon termination, employee
may request copies of the
teaching evaluations as
needed for subsequent
employment.
Employee Personnel
Files - Office Copies
Copies of documents in Employee
Personnel Files associated with
employment of specific personnel
(applications, evaluations, forms, etc.),
maintained in the department for
convenience
Department or
Office
Retain 62 years after
termination of
employment, then
destroy.
Secure destruction
Departments may send their
documents to be included in
the Employee Personnel File
if they choose.
Record Class: PERSONNEL RECORDS (Faculty/Staff/Students)
Page 9 of 29
Employee Position
Descriptions
Formal descriptions of duties and other
characteristics of particular employment
positions
HREO
(USS/UPS),
Provost/Depts
(Faculty,
Academic Staff),
Dept (students)
Retain until superseded,
plus 62 years, then
destroy.
Secure destruction
PA = PeopleAdmin for
HREO
Employee Time Report
Records - Departmental
Files
Records documenting time worked by
individual employees on a daily, weekly,
or monthly basis: time sheets, time cards,
attendance reports, absence reports, sign-
in/out sheets, etc.
Department
Retain for 6 fiscal
years, then destroy.
Secure destruction
Employee Withholding
Allowance Certificates
Internal Revenue Service W-4 forms
completed by employees to establish rate
of tax to be withheld from paychecks
Payroll
Retain until no longer
in effect then destroy,
provided four years
have passed since date
tax was due or paid
(whichever is later).
Secure destruction
Part of Employee Personnel
Files
Employment
Applications - Not
Hired
Application and supplementary materials
submitted by unsuccessful applicants for
employment
HREO
(USS/UPS -
Students hired
through PA) &
Depts, Provost
(Faculty,
Academic Staff,
Students)
Retain for 6 fiscal
years, then destroy.
Secure destruction
PA = PeopleAdmin for
HREO
Leave Requests
(Internal) departmental forms used to
request and authorize the taking of leave
by employees
Department or
Office
Retain for 6 fiscal
years, then destroy.
Secure destruction
Promotion and Tenure
Files
Information gathered to support tenure
and promotion decisions
Provost
Retain 7 calendar years
after date of decision,
then destroy.
Secure destruction
Page 10 of 29
Recruitment Files
Documents relating to the recruitment
process to fill vacant positions
HREO
(USS/UPS -
Students hired
through PA) &
Depts, Provost
(Faculty,
Academic Staff,
Students)
Retain for 5 fiscal
years, then destroy.
Secure destruction
PA = PeopleAdmin for
HREO
Search Committee
Records
Job postings, lists of candidates, final
reports, etc.
HREO (USS,
UPS) & Depts
(All), Provost
Retain for 5 fiscal
years, then destroy.
Secure destruction
PeopleAdmin for HREO.
Dept must keep notes and
documents not stored in
PeopleAdmin.
Series Title Description Official Copy Retention Disposition Comments
Organizations - Student
Records documenting activities of student
organizations affiliated with university
departments
Department or
Office
Retain until no longer
useful, then transfer to
the University Archives
for purging.
University
Archives
Organizations - Student
Government
Records documenting the activities of the
Student Governing Association, Student
Senate, etc.
Department or
Office
Retain until no longer
useful, then transfer to
the University Archives
for purging.
University
Archives
Admission Files -
Students Who Did Not
Enroll
Applications, transcripts, and ACT scores
for students who applied for admission
but did not enroll
Department or
Office
Retain for 1 year after
application term, then
destroy.
Secure destruction
Record Class: STUDENT & COURSE RECORDS
Page 11 of 29
Admissions Files -
Enrolled Students
Applications, transcripts, letters of
recommendation, financial aid, English
scores, immigration documents,
autobiographical statements, etc. required
for admission. (Current & Past Students)
Department or
Office
Retain for 5 years after
graduation or date of
last attendance, then
transfer
autobiographical
statements to the
"Autobiographical
Statements" series and
retain accordingly.
Destroy the remainder
of the file.
Secure destruction
Academic Advising
Records
Records documenting students'
interactions with academic advisors,
including academic tracking records and
correspondence
Department or
Office
Retain online advising
tool until no longer
useful, then destroy.
Secure destruction
Attendance Forms
Attendance records, including last day of
attendance forms, reporting students who
never attended or ceased attending classes
Department or
Office
Retain 1 calendar year
after applicable
semester, then destroy.
Secure destruction
Student Enrollment
Files
Enrollment forms, student status changes,
and related documents concerning an
individual student's enrollment in a course
University
Registrar
Retain for 3 calendar
years, then destroy.
Secure destruction
Class Syllabi
List of readings and requirements for a
particular course
Department or
Office
Retain for 5 years after
class last taught, then
destroy.
Secure destruction
Theses and
Dissertations
Record copies of Master's theses and
Ph.D. dissertations submitted to fulfill
graduation requirements
Department or
Office
Permanent Libraries
Faculty Grade Books
Used by faculty to record class
participation, attendance, homework,
grades, test grades, and other items
concerning students in classes
Department or
Office
Retain 2 calendar years
after grades assigned,
then destroy.
Secure destruction
Faculty Grade Reports
Reports prepared by faculty members
recording the grade each student received
for a course
Department or
Office
Retain 1 calendar year
after grades assigned,
then destroy.
Secure destruction
Page 12 of 29
Application for
Graduation
Application submitted by a prospective
graduate several months prior to
graduation, resulting in an administrative
check of student records to confirm that
the student is eligible for graduation
University
Registrar
Retain 1 calendar year
after date of graduation
or date of last
attendance, then
destroy.
Secure destruction Electronically retained
Application for
Readmission
Form required to update student
information when there is a break in
attendance and student requests
readmission
Department or
Office
Retain 5 calendar years
after graduation or date
of last attendance, then
destroy.
Secure destruction
Change of Course
Forms
Student requests to drop or add a course
University
Registrar
Retain 1 calendar year
after student's
graduation or date of
last attendance, then
destroy.
Secure destruction
Change of Grade
Request
Forms completed by instructor to change
a course grade
University
Registrar
Retain for 7 fiscal
years, then destroy.
Secure destruction
Class Rosters
List of students enrolled in a particular
course
University
Registrar
Retain
departmental/instructor
copies 1 calendar year,
then destroy.
Secure destruction Permanent on SRIS
Class Schedules -
Students
Class schedule generated each semester
for each student
University
Registrar
Retain
departmental/advising
copies 1 academic year
after graduation or date
of last attendance, then
destroy.
Secure destruction
Permanent on Student
Information System
Class Schedules - Forms
Form used by the student and the advisor
to determine the classes in which a
student will enroll for a given term and to
update addresses and other information
Advising unit
creating
Retain for 1 year after
graduation or date of
last attendance, then
destroy.
Secure destruction
Permanent on Student
Information System
Page 13 of 29
Correspondence -
Student Related
Incoming and outgoing letters and
memoranda which relate to student
records issues, such as academic status,
graduation, registration, etc.
Department
creating
Retain 5 academic
years after date of
graduation or date of
last attendance, then
destroy.
Secure destruction
Course Catalogs
Catalog (law, medicine, graduate, and
undergraduate)
University
Registrar
1.) Departmental units
retain until new catalog
is issued, then destroy if
no longer useful. 2.)
University Archives
and University
Registrar retain copies
permanently.
See Comments
University Archives and
University Registrar retain
permanently. All other
departments, destroy.
Coursework - Students
Student quizzes, tests, exams, papers,
homework, and projects
Department or
Office
If not returned to
student, retain 1
calendar year after
grades assigned, then
destroy.
Secure destruction
Credit/No Credit Applications for credit/no credit option
University
Registrar
Retain for 5 calendar
years, then destroy.
Secure destruction
Curriculum Change
Authorization
Form documenting change of a student's
academic minor, major, or emphasis
University
Registrar
Retain 5 calendar years
after date of graduation
or date of last
attendance, then
destroy.
Secure destruction
Departments/Advising units
may wish to retain in
advising file for ease of
reference for similar
timeframe.
Department Specific
content with student
related information
Any document with non-directory
information of student in the content.
Examples can include but may not be
limited to advising notes, requests for
exceptions, misconduct files, fee
assessment information, certification
forms, etc.
Varies -- contact
University
Registrar
Varies -- contact
University Registrar
Secure destruction
Page 14 of 29
Withdrawal
Authorizations
Student requests to withdraw from a class
that have been granted
University
Registrar
Retain 2 years after
graduation or date of
last attendance, then
destroy.
Secure destruction
Series Title Description Official Copy Retention Disposition Comments
Accession Records
(Spencer Library)
Record for each manuscript and
photographic collection, providing basic
information about the collection, where it
came from, what it is, when it arrived,
special issues, etc.
Spencer Library Retain permanently.
Bibliographic &
Holdings Records
Library catalog records providing finding
aids to library collections
Online in the
integrated library
management
system
Retain for life of
material.
Secure destruction
Borrower Application
Forms
Borrower card application forms which
are entered into the computer circulation
system
Department or
Office
Retain current year,
plus 3.
Secure destruction Store in secure paper file.
Borrower Notices &
Correspondence
Overdue, fines/fees, lost book, item
availability, search, hold, borrower card
renewal notices
Department or
Office for print
and online as
part of library
management
systems
Retain 3 years. Secure destruction
Circulation Records
(Automated)
Items checked out to individual borrower
through the computer circulation system
Online in the
integrated library
management
system
Retain until transaction
is complete unless
related fines or fees
occur. Transactions
with fines and fee
records are retained
permanently.
System delete
Record Class: LIBRARY RECORDS
Page 15 of 29
Course Reserve Lists
(Automated)
Lists of item on reserve in the online
course reserve system, placed on reserve
status by teaching faculty and instructors
Online in the
electronic course
reserve system
Retained permanently
in automated system.
Deeds of Gift Records of donor information
Department or
Office
Retain permanently.
Electronic Reference
Questions from patrons via electronic
reference service
Online in the
electronic
reference system
Retain 90 days, then
strip personal
information and retain
until no longer useful,
then destroy.
Fines & Fees Records
Documents fees charged and collected for
overdue books, lost books, interlibrary
loan requests, etc.
Online in the
integrated library
management
and interlibrary
loan systems
Retain permanently
within automated
system.
Master Digital Files
Original master files from digital scanning
and conversion projects
Online on the
digmaster server
on the IT floor
Retain permanently.
Retained on IT
server/storage.
Patron Comments
Comments received via web, e-mail, and
correspondence
Online in email,
both group and
individual
accounts. In
print in
Department or
Office
Retain until no longer
useful.
Secure destruction
Patron Records
Any record that links library use or
requests to an individual library user.
Includes records held by library and in
some cases accessible to external vendors
under software support agreements. May
include name and address information
Online in the
integrated library
management
and interlibrary
loan systems.
Retain expired records
with no outstanding
obligations for 5 years.
IT staff purge as
part of routine
maintenance.
Page 16 of 29
Patron Requests -
Permission to Publish
Forms
Request by patron to publish
reproductions of materials
Spencer Library Retain permanently.
Patron Registration
Records for Spencer
Library Use
Patron name, address, phone number, and
signature attesting compliance with
copyright law
Spencer Library Retain permanently.
Patron Online Search
Records
Any record that links the search of an
individual to keywords, topics, or
materials in the library catalog
Voyager and
apache log files
on library
management
system web
server
Retain 90 days, then
strip personal
information and retain
until no longer useful,
then destroy.
IT staff run scripts
to strip information
monthly.
IT will need to set up
processing.
Series Title Description Official Copy Retention Disposition Comments
Batch Data Entry
Control Records
Forms and logs used to reconcile batches
submitted for processing against batches
received and processed
Department or
Office
Retain by Office until
closed, terminated,
completed, expired, or
settled, and when
reconciliation
confirmed.
Secure destruction
Charge-back Records to
Data Processing
Services Users
Records used to document, calculate
costs, and bill program units for computer
usage and data processing services.
These records are also used for cost
recovery, budgeting, or administrative
purposes.
Retain 3 fiscal years.
Retain summary reports
until no longer useful,
then transfer to
University Archives.
Destroy detail
records
University
Archives
Computer Job
Schedules and Reports
Schedules or similar records showing
computer jobs to be run and other reports
by computer operators or programmers of
work performed
Department or
Office
Retain for 3 months. Secure destruction
Record Class: INFORMATION TECHNOLOGY RECORDS
Page 17 of 29
Computer Security
Incident Documentation
Reports, logs, extracts and compilations
of data regarding incidents involving
unauthorized attempted entry, probes,
and/or attacks on data processing systems,
information technology systems,
telecommunications networks, and
electronic security systems, including
associated software and hardware.
Comply with applicable provisions of
federal and state laws and regulations
including HIPAA and FERPA regarding
confidentiality of computer-related and
privacy records.
Department or
Office
Retain by Office until
incident is resolved,
plus 5 years.
Secure destruction
Computer System
Review
Firewall logs, system auditing logs,
reports, and review reports regarding the
maintenance and security of the computer
system. Comply with applicable
provisions of federal and state laws and
regulations including HIPAA and FERPA
regarding confidentiality of computer-
related and privacy records.
Department or
Office
Retain review report
and supporting data for
3 years.
Secure destruction
Data System Audit
Trails Files
Consisting of data generated during the
creation of a master file or database used
to validate a master file or database
during a processing cycle. Retained to
create a management audit trail for and to
ensure the quality of data.
Files needed for electronic data audits
such as files or reports showing
transactions accepted, rejected,
suspended, and/or processed; history
files/ tapes; records of online updates to
application files, or security logs.
Department or
Office
Retain 5 fiscal years
after closed, terminated,
completed, expired, or
settled and all audit
requirements have been
met.
Secure destruction
Page 18 of 29
Data System Users
Access Records
Records created to control or monitor
individual access to a system for security
purposes, including but not limited to user
account records, security logs, and
password files
Department or
Office
Retain until individual
no longer has access to
the system, plus 1 year.
Secure destruction
Data Systems Backup
Files
Copies of master files or databases,
application software, logs, directories,
and other documentation needed to
restore a system in case of a disaster or
inadvertent destruction
Department or
Office
After closed,
terminated, completed,
expired, or settled after
completion of the 3rd
verification cycle; or
audit completion
confirming successful
transaction updates; or
required audit trail
maintenance; or the
ability to restore or
migrate when errors are
detected or when
hardware or software
changes occur.
CAUTION: Records
Management officers
must be certain before
assigning the retention
period of AC to agency
automated processing
files that the files do not
fall under records series
listed elsewhere.
Secure destruction
Backups used to document
transactions should be
scheduled separately by the
responsible program unit.
For fiscal systems, monthly
system backups are retained
for the entire fiscal year to
provide an audit trail and
meet annual requirements in
lieu of copies. If these
records are covered by
specific Federal
requirements on longer
records retention, they
should be scheduled
separately by the appropriate
program unit.
Page 19 of 29
Data Systems
Documentation -
Application
Development Files
Records created and used in the
development, redesign, or modification of
an automated system or application.
These may include project management
records, status reports, draft system or
subsystem specifications, draft user
requirements and specifications, and
memoranda and correspondence.
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Data Systems
Documentation -
Conversion / Migration
Plans
Records that deal with the replacement of
equipment or computer operating systems
due to hardware/software obsolescence or
maintenance.
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Data Systems
Documentation - Data
Documentation /
Metadata
Records or metadata necessary to access,
retrieve, manipulate, and interpret data in
an automated system. May include data
element dictionary, file layout, code book
or table, and other records that explain the
meaning, purpose, structure, logical
relationships, and origin of the data
elements.
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Page 20 of 29
Data Systems
Documentation - Data
Flow Documentation
Documentation regarding the movement
of data within and/or between automated
systems. May include data element
dictionary, file layout, code book or table,
and other records that explain the
meaning, purpose, structure, logical
relationships, and origin of the data
elements.
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Data Systems
Documentation - Data
Systems Specifications
User and operational documentation
describing how an application system
operates from a functional user and data
processing point of view. May include
records documenting data entry,
manipulation, output and retrieval,
records necessary for using the system,
including user guides, system or sub-
system definitions, system flowcharts,
program descriptions and documentation,
job control or work flow records, system
specifications, and input and output
specifications.
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Data Systems
Documentation -
Hardware
Documentation
Records documenting the use, operation,
and maintenance of an agency's data
processing equipment
Department or
Office
Retain by Office 3
years after
discontinuance/disposal
of equipment.
Secure destruction
Retain for the life of the
equipment, then transfer to
new owner of equipment or
destroy as appropriate. See
also Equipment Operation
Records and Vehicle
Ownership and Maintenance
Records.
Page 21 of 29
Data Systems
Documentation - Source
Code
Source Code
Department or
Office
Retain by Office 3
years after
discontinuance of
system or application,
and/or after system's or
application's instance
data have been
destroyed or migrated
to a new structure or
format.
University
Archives
Data Systems Test
Databases / Files
Routine or benchmark data sets, related
documentation, and test results
constructed or used to test or develop a
system
Department or
Office
Retain by Office until
system acceptance, plus
1 year.
Secure destruction
Destruction of Files
Reports
Department or
Office
Retain by Office until
superseded or obsolete,
plus 1 year.
Secure destruction
Disaster Preparedness
and Recovery Plans
Plans and other documents related to
reestablishment of data processing
services following a disaster
Department or
Office
Retain by Office until
superseded, then
transfer to University
Archives.
University
Archives
Equipment Support -
Network / Site
Site visit reports, trouble reports, service
history, correspondence
Department or
Office
Retain by Office
service histories and
other summary records
until superseded or
obsolete.
Retain by Office
remaining records until
administrative value
ends.
Secure destruction
Retain for the life of the
equipment, then transfer to
new owner of equipment or
destroy as appropriate. See
also Equipment Operation
Records and Vehicle
Ownership and Maintenance
Records.
Page 22 of 29
Equipment Support
Files - Data Systems
Information on data processing
equipment, software, and other products
and their vendors. Record of support
services provided for specific data
processing equipment, including site visit
reports, service reports, service histories,
and correspondence.
Department or
Office
Retain by Office
service histories and
other summary records
until superseded or
obsolete.
Retain by office
remaining records for 3
years.
Secure destruction
Retain for the life of the
equipment, then transfer to
new owner of equipment or
destroy as appropriate. See
also Equipment Operation
Records and Vehicle
Ownership and Maintenance
Records.
Finding Aids, Indexing,
Tracking Systems
Automated indexes, lists, registers, and
other finding aids used to provide access
to records
Department or
Office
Retain by Office until
related paper or
electronic records have
been destroyed or
transferred in
accordance with the
disposition of the
related paper or
electronic records as
appropriate.
Varies based on
disposition of
related data /
documents
Finding aides, indexes, and
tracking systems of program
units other than data
processing units should be
scheduled by the responsible
program unit in conjunction
with related program
records.
Page 23 of 29
Hardware
Documentation
Records documenting operational and
maintenance requirements of computer
hardware such as operating manuals,
hardware/operating system requirements,
hardware configurations, and equipment
control systems
Department or
Office
Retain by Office until
closed, terminated,
completed, expired, or
settled and until
electronic records are
transferred to and made
usable in a new
hardware environment,
or there are no
electronic records that
require the hardware in
order to be retrieved
and read are retained to
meet an approved
retention period.
CAUTION: Software
needed for access to the
electronic records must
be retained for the
period of time required
to access the records.
Secure destruction
Help Desk Logs and
Reports
Consists of records used to document
requests for technical assistance and
responses to these requests, as well as to
collect information on the use of
computer equipment to compile monthly
and annual statistics, and for reference for
planning, management analysis, and other
administrative purposes
Department or
Office
Retain by Office until
closed, terminated,
completed, expired, or
settled and when
reconciliation
confirmed, plus 2 years.
Retain by Office,
summary reports, until
no longer
administratively useful.
Secure destruction
Page 24 of 29
History Files - Web
Sites
A record of the documents visited during
an Internet session that allows users to
access previously visited pages more
quickly or to generate a record of a user's
progress
Department or
Office
Retain by Office until
closed, terminated,
completed, expired, or
settled and when
reconciliation
confirmed.
Retain by Office,
summary reports, until
no longer
administratively useful.
Secure destruction
Internet Cookies
Data resident on hard drives that make
use of user-specific information
transmitted by the Web server onto the
user's computer so that the information
might be available for later access by
itself or other servers
After closed,
terminated, completed,
expired, or settled.
Secure destruction
Network / Circuit
Installation and Service
Work orders, correspondence, work
schedules, building / circuit diagrams
Department or
Office
Retain by Office until
completion of work,
plus 2 years.
Secure destruction
Network Circuit
Inventories
Circuit number, vendor, cost per month,
type of connection, terminal series,
software
Department or
Office
Retain in Office until
superseded or obsolete,
plus 2 years.
Secure destruction
Network
Implementation Projects
Reports, justifications, working diagrams,
wiring schematics
Department or
Office
Retain in Office until
superseded or obsolete,
plus 2 years.
Secure destruction
Off-Line Storage
Control Records
Department or
Office
Retain by Office until
superseded or obsolete,
plus 1 year.
Secure destruction
Page 25 of 29
Off-line Storage System -
Automated
List of backup tapes
Department or
Office
Retain by Office until
related records or
media are destroyed or
withdrawn from the
media library.
Secure destruction
Operating System &
Hardware Conversion
Planning
Replacement of equipment or computer
operating systems that support the
creation of non-permanent records
Department or
Office
Retain in Office until
completion of
conversion, plus 1 year.
Secure destruction
Polices, Procedures, and
Related Documentation -
Data Processing
Documents establishing policies,
procedures, and guidelines for data
processing, including access, security,
systems development, data retention and
disposition, and data ownership. Manuals
or records of procedures for data entry,
the operation of computer equipment,
production control, tape library, system
backup, and other aspects of a data
processing operation
Department or
Office
Retain by Office until
superseded or obsolete,
plus 3 years.
OR
Retain in Office until
superseded or obsolete,
plus 10 years.
Secure destruction
Polices, Procedures, and
Related Documentation -
IT Security
Documents establishing IT security
policies, procedures, standards,
guidelines, or plans in areas such as
physical access and security, systems
access and security, information security,
systems monitoring, etc.
Department or
Office
Retain by Office until
superseded or obsolete,
plus 3 years.
Secure destruction
Quality Assurance
Records and Reports
Adherence of applications and systems
development procedures and products to
established policies, processes,
architectures, deliverables, performance
metrics, budgetary allocations, and
deadlines. Documentation includes
reviews and assessments.
Department or
Office
Retain by Office until
source code is upgraded
or becomes obsolete,
plus 3 years.
Secure destruction
Page 26 of 29
Software Registration,
Warranties, License
Agreements, Contracts
Department or
Office
Retain by Office for life
of the asset, plus 3
years.
Secure destruction
Retain until expiration of
contract plus 5 calendar
years, then destroy. See also
Purchasing Records, Vendor
Files, Accounts Payable
Records, Bid Records, and
Vouchers and Requisitions.
System Monitoring
Records
Electronic files or automated logs created
to monitor computer systems such as print
spool logs, console logs, tape activity
logs, etc.
Department or
Office
Retain by Office as
long as administratively
valuable.
Secure destruction
Usage Files - Data
Systems
Records created to monitor computer
system and network usage including but
not limited to log-in files, system usage
files, charge-back information, data entry
logs, security logs, and records of
individual computer program usage
Department or
Office
Retain by Office until
completion of
applicable review and
verification procedures.
OR
Retain in Office until
completion of
applicable review and
verification procedures,
plus 1 year .
Secure destruction
If no litigation, claim, audit,
or other official action
involving the records has
been initiated. If official
action has been initiated,
destroy after completion of
action and resolution of
issues involved.
Page 27 of 29
Usage Files - Internet
Services (internal)
Records created to monitor access and use
of services provided via the Internet
including Website logs, mail server logs,
FTP logs, Telnet logs, and antivirus/anti-
spam mail service logs
Department or
Office
Retain by Office until
completion of
applicable review and
verification procedures.
OR
Retain in Office until
completion of
applicable review and
verification procedures,
plus 1 year .
Secure destruction
If no litigation, claim, audit,
or other official action
involving the records has
been initiated. If official
action has been initiated,
destroy after completion of
action and resolution of
issues involved.
Usage Files - Network
& Telecommunications
(internal)
Records created to monitor computer
system and network usage including but
not limited to log-in files, system usage
files, charge-back information, data entry
logs, security logs, and firewall logs
Department or
Office
Retain by Office until
completion of
applicable review and
verification procedures
OR
Retain in Office until
completion of
applicable review and
verification procedures,
plus 1 year.
Secure destruction
If no litigation, claim, audit,
or other official action
involving the records has
been initiated. If official
action has been initiated,
destroy after completion of
action and resolution of
issues involved.
Usage Files - Summary
Reports
Summary reports documenting computer
usage for reporting of cost recovery
purposes
Department or
Office
Retain 3 fiscal years. Secure destruction
Compare against Financial
Records Schedule.
Telephone Accounting
System Reports
Computer generated reports listing all
telephone calls made or received from
individual extensions within the agency
Information
Technology
Retain 3 fiscal years. Secure destruction
Voice Mail Messages
Sound recordings produced by a voice
mail system designed to leave messages
for the receiver
Information
Technology
Retain until no longer
useful, then destroy.
Secure destruction
Page 28 of 29
Telephone Billing
Records
Copies of computer billings and
supporting documents concerning the use
of a telecommunications service provider
Information
Technology
Retain 3 fiscal years. Secure destruction
KEYWORDS:
Record, Record Retention, Records Retention, Archive, Disposition
Page 29 of 29
