Table of Contents

RTI Record Management System for Public Authorities

Direct answer. Section 4(1)(a) of the RTI Act 2005 obliges every public authority to maintain all its records duly catalogued and indexed in a manner and the form which facilitates the right to information and to computerise records appropriate to be computerised and connect them through a network. A compliant record management system rests on five pillars: a master file index, a retention schedule, digitisation of active records, a search-and-retrieval log, and an annual audit. Without these, every RTI request becomes a discovery exercise and Section 7(1) timelines collapse.

A good record management system is the single biggest predictor of clean RTI compliance. Departments that suffer the worst RTI complaints are those whose records are scattered, undated and undigitised. This page sets out a five-pillar system that any public authority — Central ministry, State department, municipality or university — can implement in six months.

Why this matters

Pillar 1 — master file index

  1. One central index of every file in the office, organised by department / section / year.
  2. Each file has: file number, subject, opening date, closing date, current location (active / archive / digitised), retention category.
  3. Index is searchable — at minimum by subject keywords, by year, by file number.
  4. Index is updated weekly by the records-section officer.
  5. Index is itself a record disclosable under RTI (subject to redaction of any specific exempt entries).

Pillar 2 — retention schedule

  1. Each file is assigned a retention category at the time of opening:
    • Permanent — policy files, Cabinet papers, legal opinions.
    • 30 years — major project files.
    • 10 years — administrative correspondence.
    • 5 years — routine correspondence.
    • 3 years — receipts, day-to-day forms.
  2. The retention schedule mirrors the Public Records Act and the public authority's internal manual.
  3. Files reaching their retention end are reviewed before destruction by a records committee.
  4. Destruction is recorded in a register that itself is a permanent record.

Pillar 3 — digitisation

  1. Active files (last 5 years) digitised first.
  2. OCR'd PDF — searchable, not just scanned images.
  3. Each page numbered and stamped before scanning so the digital and physical match.
  4. Cross-reference: each physical file's cover page mentions the digital location; each digital file mentions the physical location.
  5. Use a content-management system with role-based access.

Pillar 4 — search-and-retrieval log

  1. Each retrieval is logged: who pulled the file, when, for what purpose, when returned.
  2. Logs help with Section 7(1) evidence — proof that the PIO did pull the record within X days.
  3. Logs help with vigilance investigations.

Pillar 5 — annual audit

  1. Once a year, the records committee samples 5% of files at random and verifies:
    • Index accuracy.
    • Physical-digital match.
    • Retention schedule compliance.
    • Audit trail integrity.
  2. Audit findings are reported to the head of office and reflected in the Section 25 annual return.

Step by step: building the system

  1. Step 1. Constitute the records committee — chaired by the head of office, including the PIO, FAA and IT in-charge.
  2. Step 2. Take stock — list every file the office holds and assign a retention category.
  3. Step 3. Procure or commission an index database (DMS).
  4. Step 4. Train all sections on file-numbering convention.
  5. Step 5. Pilot digitisation with one section; iterate; roll out to all sections.
  6. Step 6. Publish the catalogue (subject to redaction) under Section 4(1)(b)(vi).
  7. Step 7. Audit annually.

File-numbering convention (suggested)

`[Office code]/[Section code]/[Subject code]/[Year]/[Serial]`

Example: `MEA/JS-Africa/Bilateral-Kenya/2026/047`.

The convention should be:

Common public authority mistakes

What citizens can ask under RTI about your records

A clean record system reduces these RTIs because the data is already on the website.

Frequently asked questions

Is a DMS mandatory?

The Act says “computerise records appropriate to be computerised”. For most modern offices, a DMS is appropriate.

Can we destroy old files freely?

No. Destruction must follow the retention schedule and the public authority's manual, with a records committee approval.

What about classified files?

Classified files are still recorded in an index (with title and classification) — the contents are restricted, the existence is not.

Are personal note-pads "records"?

Personal pads in officers' drawers are not records. Notings on official files are records under Section 2(f).

How often should the index be updated?

Weekly minimum. After every major file-creation event.

Who owns the records?

The public authority. Officers do not own files personally; transfers do not entitle officers to take files.

What about emails?

Official emails on official accounts are records. Maintain an email archive aligned with the file system.

Sources

See also

Last reviewed: 9 May 2026.