Skip to Content

Data Security and Protection in Public Sector Records Management


Data security and protection are essential prerequisites for deploying an electronic records management system. In essence, this means you must take the following five crucial issues into account :

  • Authentication: Access to a system must be restricted to only authorized users, and the system must ensure that other users cannot assume their identity to gain access to the system.
  • Authorization: Users must be restricted to only those tasks for which they are authorized.
  • Integrity: Data cannot be changed unless user is authorized to do so.
  • Confidentiality: Reliability and adherence to legal obligations must be ensured.
  • Recording and logging: All activities and events must be recorded so that they can be accessed at a later stage.
  • Authorization Level: An authorization level (e.g. confidential, secret etc.) can be assigned to a document. Via this level a user gets access only to document where he has the authorization.
  • Access control lists: The records manager can assign a record, case or document to an access control list. Only users belonging to this list have access to the corresponding records, case or document.

Authorization Level :

  • Are a linear ordered set of access control markings, which represent security categories to protect the access to classes, folders and records within ERMS. Example-

               i.   Top Secret (highest level)

               ii.  Secret

               iii. Confidential

               iv. Restricted

               v.  Unclassified (lowest level)  

  • The Authorization Levels are customizable.
  • A higher level encompasses all lower levels.
  • Path for the customizing of Authorization Levels: Records and Case Management → Authorizations → Authorizations for The National Archives (TNA) → Create Values for Attribute 'Authorization Level'


Access Control :

  • Two key attributes for Access Control

               i.  Access Control: Users  where only SAP users can be entered

               ii. Access Control: Groups  can be maintained via transaction SO23

  • Access Control Lists for Groups are Distribution Lists (DL) in the SAP system.
  • In order to find a DL enter the name of the DL (wild cards are allowed), press Find.
  • Double click on the marked line leads to details of the DL.
  • When you press tab Attributes you find the assignment to a folder. If you are in the edit mode, the F4 help gives you the option to create a new folder.
  • In order to create a DL enter the name of the DL, press Create.
  • The system ask for a folder immediately. Enter an existing folder or – if necessary create via the F4 help a new folder.
  • Save the DL.
Former Member

No comments