Is IT or the records office responsible for configuring email archiving and journaling?
The short answer is that both functions are involved, but they own different parts of the work. Email archiving and journaling succeed only when the records or information governance (IG) office defines what and why, and IT implements and operates the how. Treating it as a purely technical task — or a purely policy task — is where most programs go wrong.
A shared model of responsibility
A useful way to think about it is to separate the decisions from the mechanics.
The records / IG office typically owns:
- Which mailboxes, distribution lists, and message types must be captured.
- Retention and disposition rules, including how long journaled or archived mail is kept and when it is destroyed.
- Legal hold and litigation-hold requirements, often in coordination with legal counsel.
- Classification, sensitivity, and privacy handling expectations.
- Defining what counts as a record versus transitory or personal mail.
The IT department typically owns:
- Configuring the journaling or archiving capability in the mail platform.
- Storage, indexing, encryption, access controls, and backups.
- Reliability, monitoring, and ensuring capture is complete and tamper-evident.
- Applying the retention and hold rules that records/IG has defined.
Governance ties it together
The recurring theme in records management standards is accountability: someone must own the policy, and the technical configuration must enforce that policy rather than substitute for it. ISO 15489 frames records management as a managed program with assigned responsibilities, controls, and documented requirements — not an ad hoc IT setting. In practice, that means the records office sets the rule that “all messages from these accounts are captured and retained for the required period,” and IT translates that into the journaling rule and storage configuration.
Two practical safeguards help:
- Put it in writing. A documented policy and a configuration record show that capture decisions were deliberate and defensible.
- Review together. Periodic joint reviews catch gaps when new mailboxes, platforms, or messaging tools (chat, mobile) appear.
Bottom line
Records/IG decides what must be captured and for how long; IT builds and runs the system that captures it. Neither can do the job alone, and the strongest programs treat archiving and journaling as a jointly governed responsibility.
For related guidance, see the email and messaging topic hub.
Sources & further reading
Authoritative government and non-profit references.
- Records management (NARA) — National Archives (NARA)
- ISO 15489-1 Records management — ISO
How to cite this page
APA
RM University Editorial. (2026). Is IT or the records office responsible for configuring email archiving and journaling?. Records Management University. https://www.recordsmgmt.org/questions/is-it-or-the-records-office-responsible-for-configuring-email-archiving-and-journaling/
MLA
RM University Editorial. "Is IT or the records office responsible for configuring email archiving and journaling?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/is-it-or-the-records-office-responsible-for-configuring-email-archiving-and-journaling/.
Related questions
- Are emails between teachers and parents considered education records under FERPA?
- Are emails in my Sent folder and Inbox both records, or just one copy?
- Are emails on my personal phone discoverable in a lawsuit?
- Are ephemeral or disappearing messages legal to use for work, or do they violate recordkeeping rules?
- Are text messages and chat business records?